ClamAV是使用广泛且基于GPL License的开源代码的典型杀毒软件,它支持各种平台,如:windows、linux、Unix等操作系统,并被广泛应用于其他应用程序,如:邮件客户端服务器、HTTP病毒扫描代理等。

下面开始安装

[root@nsh ~]# yum install -y epel-release
[root@nsh ~]# yum install -y clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

修改配置文件

[root@nsh ~]# sed -i '/^Example/d' /etc/clamd.d/scan.conf
[root@nsh ~]# sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

编辑配置文件

[root@nsh ~]# vim /etc/clamd.d/scan.confUser clamscan
LocalSocket /var/run/clamd.scan/clamd.sock

 更新病毒库

[root@nsh ~]# freshclam
ClamAV update process started at Tue Oct 29 13:43:11 2019
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Downloading daily-25551.cdiff [100%]
Downloading daily-25552.cdiff [100%]
Downloading daily-25553.cdiff [100%]
Downloading daily-25554.cdiff [100%]
Downloading daily-25555.cdiff [100%]
Downloading daily-25556.cdiff [100%]
Downloading daily-25557.cdiff [100%]
Downloading daily-25558.cdiff [100%]
Downloading daily-25559.cdiff [100%]
Downloading daily-25560.cdiff [100%]
Downloading daily-25561.cdiff [100%]
...............................................................
Downloading daily-25614.cdiff [100%]
Downloading daily-25615.cdiff [100%]
Downloading daily-25616.cdiff [100%]
daily.cld updated (version: 25616, sigs: 1960147, f-level: 63, builder: raynman)
Downloading bytecode-331.cdiff [100%]
bytecode.cld updated (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Database updated (6526490 signatures) from database.clamav.net (IP: 104.16.219.84)

设置定期更新病毒库(可选)

crontab -e

00 01,13 * * * /usr/bin/freshclam --quiet

因为freshclam不是系统服务,可新建如下

vim /usr/lib/systemd/system/freshclam.service
[Unit]
Description = freshclam scanner
After = network.target

[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 2   #一天更新两次
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target

systemctl enable freshclam.service
systemctl start freshclam.service
systemctl status freshclam.service

 启动查杀服务

systemctl enable clamd@scan.service
systemctl start clamd@scan.service
systemctl status clamd@scan.service

 查看clamAV的配置信息:

[root@nsh ~]# clamconf
Checking configuration files in /etc

Config file: clamd.d/scan.conf
------------------------------
AlertExceedsMax disabled
PreludeEnable disabled
PreludeAnalyzerName disabled
LogFile disabled
LogFileUnlock disabled
LogFileMaxSize = "1048576"
LogTime disabled
LogClean disabled
....................................................................................
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamd.d/scan.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SafeBrowsing disabled
Bytecode = "yes"

mail/clamav-milter.conf not found

Software settings
-----------------
Version: 0.101.4
Optional features supported: MEMPOOL IPv6 AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON

Database information
--------------------
Database directory: /var/lib/clamav
main.cvd: version 58, sigs: 4566249, built on Thu Jun  8 05:38:10 2017
daily.cld: version 25616, sigs: 1960147, built on Mon Oct 28 16:57:02 2019
bytecode.cld: version 331, sigs: 94, built on Fri Sep 20 00:12:33 2019
Total number of signatures: 6526490

Platform information
--------------------
uname: Linux 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
zlib version: 1.2.7 (1.2.7), compile flags: a9
platform id: 0x0a2169690800000000040805

Build information
-----------------
GNU C: 4.8.5 20150623 (Red Hat 4.8.5-39) (4.8.5)
CPPFLAGS:
CFLAGS: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic -fno-strict-aliasing   -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic
LDFLAGS: -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--as-needed
Configure: '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--enable-milter' '--disable-clamav' '--disable-static' '--disable-zlib-vcheck' '--disable-unrar' '--enable-id-check' '--enable-dns' '--with-dbdir=/var/lib/clamav' '--with-group=clamupdate' '--with-user=clamupdate' '--disable-rpath' '--disable-silent-rules' '--enable-clamdtop' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CXXFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--as-needed' 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic' 'PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
sizeof(void*) = 8
Engine flevel: 105, dconf: 105

  测试一下:下载个含病毒的文件并杀掉

[root@nsh ~]# wget http://www.eicar.org/download/eicar_com.zip
--2019-10-29 14:32:00--  http://www.eicar.org/download/eicar_com.zip
Resolving www.eicar.org (www.eicar.org)... 213.211.198.62
Connecting to www.eicar.org (www.eicar.org)|213.211.198.62|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 184 [application/octet-stream]
Saving to: ‘eicar_com.zip’

100%[=================================================================================================================================>] 184         --.-K/s   in 0s

2019-10-29 14:32:07 (34.2 MB/s) - ‘eicar_com.zip’ saved [184/184]

[root@nsh ~]# clamscan --infected --remove --recursive .
./eicar_com.zip: Eicar-Test-Signature FOUND
./eicar_com.zip: Removed.

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 3
Scanned files: 9
Infected files: 1
Data scanned: 0.01 MB
Data read: 0.00 MB (ratio 2.00:1)
Time: 103.178 sec (1 m 43 s)

  查杀两个目录

[root@nsh ~]# clamscan --infected --remove --recursive /home /root

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 4
Scanned files: 8
Infected files: 0
Data scanned: 0.01 MB
Data read: 0.00 MB (ratio 2.00:1)
Time: 96.905 sec (1 m 36 s)

  扫描整个系统

[root@nsh ~]# clamscan --infected --recursive --exclude-dir="^/sys" /
LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 13069
Scanned files: 61419
Infected files: 0
Data scanned: 2688.47 MB
Data read: 2923.47 MB (ratio 0.92:1)
Time: 1150.914 sec (19 m 10 s)

  完成

总结:简单无脑,但是还是需要研究...............................

  

  

Linux上的软件ClamAV的更多相关文章

  1. 大数据学习——Linux上常用软件安装

    4.1 Linux系统软件安装方式 Linux上的软件安装有以下几种常见方式: 1.二进制发布包 软件已经针对具体平台编译打包发布,只要解压,修改配置即可 2.RPM发布包 软件已经按照redhat的 ...

  2. Linux上的软件安装有哪些方式?

    Linux上的软件安装有以下几种常见方式介绍 1.二进制发布包 软件已经针对具体平台编译打包发布,只要解压,修改配置即可 2.RPM包 软件已经按照redhat的包管理工具规范RPM进行打包发布,需要 ...

  3. Linux上常用软件安装和总结

    Linux总结: 以前只顾着撸码,Linux这些一般都是运维玩的,然后也没怎么折腾过,每次上线也都只是发布下,最多也就是启停服务器.最近闲来无事就玩了玩Linux,还挺好的. 这里做一个总结来结束Li ...

  4. linux上 安装软件

    一.rpm包安装方式步骤:  1.找到相应的软件包,比如soft.version.rpm,下载到本机某个目录: 2.打开一个终端,su -成root用户: 3.cd soft.version.rpm所 ...

  5. Linux上安装软件

    Linux发行版的两大系列 debian:代表的比如Ubuntu,软件包管理工具apt.apt-get.dpkg,软件包名.deb redhat:代表的比如CentOS(所以在VMware上安装Cen ...

  6. Linux下安装软件命令详解

    ---------------------------------------------------------------- 或许你对于linux还不够了解,但是一旦你步入公司后,你就会发现lin ...

  7. linux操作之软件安装(二)(源码安装)

    源码安装 linux上的软件大部分都是c语言开发的 , 那么安装需要gcc编译程序才可以进行源码安装. yum install -y gcc #先安装gcc 安装源码需要三个步骤 1) ./confi ...

  8. Wine——在Linux上运行Windows软件

    官网:https://www.winehq.org/ 参考: wikipedia 教你使用Wine在Linux上运行Windows软件 如何安装和使用Wine,以便在Linux上运行Windows应用 ...

  9. Windows上模拟Linux环境的软件Cygwin

    Windows上模拟Linux环境的软件Cygwin 2010-10-11 15:19      我要评论(0) 字号:T|T Cygwin是一个用于在Windows上 模拟Linux环境的软件.它可 ...

随机推荐

  1. leetcode中二分查找的具体应用

    给定一个按照升序排列的整数数组 nums,和一个目标值 target.找出给定目标值在数组中的开始位置和结束位置. 你的算法时间复杂度必须是 O(log n) 级别. 如果数组中不存在目标值,返回 [ ...

  2. 配对t检验

  3. 使用GitHub管理Repository

    对已有的Repository进行修改 将已有的项目克隆到本地 git clone https://github.com/username/project-name 或者同步已经下载的项目 git pu ...

  4. SpringBoot项目示例

    一.准备工作: 环境及工具:Eclipse+JDK8+Maven+SpringBoot 二.源码: 1.项目架构:                    2.引入pom.xml <project ...

  5. Linux文件共享的实现方式

    前两天跟老师去北京开了一个会议,好久没学习了,今天才回学校,其中的辛酸就不说了.来正文: 1.什么是文件共享 (1).文件共享就是同一个文件(同一个文件指的是同一个inode,同一个pathname) ...

  6. Tarjan算法:求解无向连通图图的割点(关节点)与桥(割边)

    1. 割点与连通度 在无向连通图中,删除一个顶点v及其相连的边后,原图从一个连通分量变成了两个或多个连通分量,则称顶点v为割点,同时也称关节点(Articulation Point).一个没有关节点的 ...

  7. E - Rebuild UVALive - 7187 (二次函数极值问题)

    题目链接:http://acm.hdu.edu.cn/showproblem.php?pid=5531 Problem Description Archaeologists find ruins of ...

  8. [转]Apache漏洞利用与安全加固实例分析

    1.2 Apache文件解析特性 Apache对于文件名的解析是从后往前解析的,直到遇见一个它认识的文件类型为止.因此,如果web目录下存在以类似webshell.php.test这样格式命名的文件, ...

  9. 【Java杂货铺】JVM#Java高墙之GC与内存分配策略

    Java与C++之间有一堵由内存动态分配和垃圾回收技术所围成的"高墙",墙外的人想进去,墙外的人想出来.--<深入理解Java虚拟机> 前言 上一章看了高墙的一半,接下 ...

  10. springboot 整合thymeleaf 书笔记

    pom.xml依赖添加 <!--引入thymeleaf--> <dependency> <groupId>org.springframework.boot</ ...