ClamAV是使用广泛且基于GPL License的开源代码的典型杀毒软件,它支持各种平台,如:windows、linux、Unix等操作系统,并被广泛应用于其他应用程序,如:邮件客户端服务器、HTTP病毒扫描代理等。

下面开始安装

[root@nsh ~]# yum install -y epel-release
[root@nsh ~]# yum install -y clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

修改配置文件

[root@nsh ~]# sed -i '/^Example/d' /etc/clamd.d/scan.conf
[root@nsh ~]# sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

编辑配置文件

[root@nsh ~]# vim /etc/clamd.d/scan.confUser clamscan
LocalSocket /var/run/clamd.scan/clamd.sock

 更新病毒库

[root@nsh ~]# freshclam
ClamAV update process started at Tue Oct 29 13:43:11 2019
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Downloading daily-25551.cdiff [100%]
Downloading daily-25552.cdiff [100%]
Downloading daily-25553.cdiff [100%]
Downloading daily-25554.cdiff [100%]
Downloading daily-25555.cdiff [100%]
Downloading daily-25556.cdiff [100%]
Downloading daily-25557.cdiff [100%]
Downloading daily-25558.cdiff [100%]
Downloading daily-25559.cdiff [100%]
Downloading daily-25560.cdiff [100%]
Downloading daily-25561.cdiff [100%]
...............................................................
Downloading daily-25614.cdiff [100%]
Downloading daily-25615.cdiff [100%]
Downloading daily-25616.cdiff [100%]
daily.cld updated (version: 25616, sigs: 1960147, f-level: 63, builder: raynman)
Downloading bytecode-331.cdiff [100%]
bytecode.cld updated (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Database updated (6526490 signatures) from database.clamav.net (IP: 104.16.219.84)

设置定期更新病毒库(可选)

crontab -e

00 01,13 * * * /usr/bin/freshclam --quiet

因为freshclam不是系统服务,可新建如下

vim /usr/lib/systemd/system/freshclam.service
[Unit]
Description = freshclam scanner
After = network.target

[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 2   #一天更新两次
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target

systemctl enable freshclam.service
systemctl start freshclam.service
systemctl status freshclam.service

 启动查杀服务

systemctl enable clamd@scan.service
systemctl start clamd@scan.service
systemctl status clamd@scan.service

 查看clamAV的配置信息:

[root@nsh ~]# clamconf
Checking configuration files in /etc

Config file: clamd.d/scan.conf
------------------------------
AlertExceedsMax disabled
PreludeEnable disabled
PreludeAnalyzerName disabled
LogFile disabled
LogFileUnlock disabled
LogFileMaxSize = "1048576"
LogTime disabled
LogClean disabled
....................................................................................
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamd.d/scan.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SafeBrowsing disabled
Bytecode = "yes"

mail/clamav-milter.conf not found

Software settings
-----------------
Version: 0.101.4
Optional features supported: MEMPOOL IPv6 AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON

Database information
--------------------
Database directory: /var/lib/clamav
main.cvd: version 58, sigs: 4566249, built on Thu Jun  8 05:38:10 2017
daily.cld: version 25616, sigs: 1960147, built on Mon Oct 28 16:57:02 2019
bytecode.cld: version 331, sigs: 94, built on Fri Sep 20 00:12:33 2019
Total number of signatures: 6526490

Platform information
--------------------
uname: Linux 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
zlib version: 1.2.7 (1.2.7), compile flags: a9
platform id: 0x0a2169690800000000040805

Build information
-----------------
GNU C: 4.8.5 20150623 (Red Hat 4.8.5-39) (4.8.5)
CPPFLAGS:
CFLAGS: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic -fno-strict-aliasing   -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic
LDFLAGS: -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--as-needed
Configure: '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--enable-milter' '--disable-clamav' '--disable-static' '--disable-zlib-vcheck' '--disable-unrar' '--enable-id-check' '--enable-dns' '--with-dbdir=/var/lib/clamav' '--with-group=clamupdate' '--with-user=clamupdate' '--disable-rpath' '--disable-silent-rules' '--enable-clamdtop' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CXXFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--as-needed' 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic' 'PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
sizeof(void*) = 8
Engine flevel: 105, dconf: 105

  测试一下:下载个含病毒的文件并杀掉

[root@nsh ~]# wget http://www.eicar.org/download/eicar_com.zip
--2019-10-29 14:32:00--  http://www.eicar.org/download/eicar_com.zip
Resolving www.eicar.org (www.eicar.org)... 213.211.198.62
Connecting to www.eicar.org (www.eicar.org)|213.211.198.62|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 184 [application/octet-stream]
Saving to: ‘eicar_com.zip’

100%[=================================================================================================================================>] 184         --.-K/s   in 0s

2019-10-29 14:32:07 (34.2 MB/s) - ‘eicar_com.zip’ saved [184/184]

[root@nsh ~]# clamscan --infected --remove --recursive .
./eicar_com.zip: Eicar-Test-Signature FOUND
./eicar_com.zip: Removed.

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 3
Scanned files: 9
Infected files: 1
Data scanned: 0.01 MB
Data read: 0.00 MB (ratio 2.00:1)
Time: 103.178 sec (1 m 43 s)

  查杀两个目录

[root@nsh ~]# clamscan --infected --remove --recursive /home /root

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 4
Scanned files: 8
Infected files: 0
Data scanned: 0.01 MB
Data read: 0.00 MB (ratio 2.00:1)
Time: 96.905 sec (1 m 36 s)

  扫描整个系统

[root@nsh ~]# clamscan --infected --recursive --exclude-dir="^/sys" /
LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 13069
Scanned files: 61419
Infected files: 0
Data scanned: 2688.47 MB
Data read: 2923.47 MB (ratio 0.92:1)
Time: 1150.914 sec (19 m 10 s)

  完成

总结:简单无脑,但是还是需要研究...............................

  

  

Linux上的软件ClamAV的更多相关文章

  1. 大数据学习——Linux上常用软件安装

    4.1 Linux系统软件安装方式 Linux上的软件安装有以下几种常见方式: 1.二进制发布包 软件已经针对具体平台编译打包发布,只要解压,修改配置即可 2.RPM发布包 软件已经按照redhat的 ...

  2. Linux上的软件安装有哪些方式?

    Linux上的软件安装有以下几种常见方式介绍 1.二进制发布包 软件已经针对具体平台编译打包发布,只要解压,修改配置即可 2.RPM包 软件已经按照redhat的包管理工具规范RPM进行打包发布,需要 ...

  3. Linux上常用软件安装和总结

    Linux总结: 以前只顾着撸码,Linux这些一般都是运维玩的,然后也没怎么折腾过,每次上线也都只是发布下,最多也就是启停服务器.最近闲来无事就玩了玩Linux,还挺好的. 这里做一个总结来结束Li ...

  4. linux上 安装软件

    一.rpm包安装方式步骤:  1.找到相应的软件包,比如soft.version.rpm,下载到本机某个目录: 2.打开一个终端,su -成root用户: 3.cd soft.version.rpm所 ...

  5. Linux上安装软件

    Linux发行版的两大系列 debian:代表的比如Ubuntu,软件包管理工具apt.apt-get.dpkg,软件包名.deb redhat:代表的比如CentOS(所以在VMware上安装Cen ...

  6. Linux下安装软件命令详解

    ---------------------------------------------------------------- 或许你对于linux还不够了解,但是一旦你步入公司后,你就会发现lin ...

  7. linux操作之软件安装(二)(源码安装)

    源码安装 linux上的软件大部分都是c语言开发的 , 那么安装需要gcc编译程序才可以进行源码安装. yum install -y gcc #先安装gcc 安装源码需要三个步骤 1) ./confi ...

  8. Wine——在Linux上运行Windows软件

    官网:https://www.winehq.org/ 参考: wikipedia 教你使用Wine在Linux上运行Windows软件 如何安装和使用Wine,以便在Linux上运行Windows应用 ...

  9. Windows上模拟Linux环境的软件Cygwin

    Windows上模拟Linux环境的软件Cygwin 2010-10-11 15:19      我要评论(0) 字号:T|T Cygwin是一个用于在Windows上 模拟Linux环境的软件.它可 ...

随机推荐

  1. delphi数据类型列表

    Delphi 数据类型列表 分类 范围 字节 备注 简单类型 序数 整数 Integer -2147483648 .. 2147483647 4 有符号32位 Cardinal 0 .. 429496 ...

  2. vue路由简单实用

    <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8&quo ...

  3. 题解 P1630 【求和】

    题目 发现题解都不够优雅,就自己来一篇 ( 以下除[代码]处代码,其余均为现场手打,如有误请与本蒟蒻联系 ) [分析] 首先,看清楚了,题目是 \(\sum_{i=1}^ai^b\) 的余数 ,而不是 ...

  4. Wallet file not specified (must request wallet RPC through /wallet/<filename> uri-path). BitcoinJSONRPCClient异常、及其他异常

    1.异常信息 Wallet file not specified (must request wallet RPC through /wallet/<filename> uri-path) ...

  5. WEB网站的favicon.ico的设置

    一.什么是favicon.ico Favicon是Favorites Icon的缩写,favicon.ico是指显示在浏览器收藏夹和地址栏网站网址前面的个性化图标,常被成为网页小图标.网站缩略图标或者 ...

  6. [Algo] 397. Right Shift By N Characters

    Right shift a given string by n characters. Assumptions The given string is not null. n >= 0. Exa ...

  7. 13)PHP,文件加载(include和require)

    有四种文件加载的语法形式(注意,不是函数): include,  include_once,  require, require_once; 他们的本质是一样的,都是用于加载/引入/包含/载入一个外部 ...

  8. 回顾vim,ftp

    常用服务器 ftp,ssh FTP是文件传输协议的简称,文传协议,用于internet上控制文件的双向传输 它也是一个应用程序,,基于不同的操作系统有不同的FTP应用程序,都遵循同一种协议以传输文件. ...

  9. adaptation|domestication|genome evolution|convergent evolution|whole-genome shotgun sequencing|IHGSC

    Dissecting evolution and disease using comparative vertebrate genomics-online 因为基因组不是独一无二的,同时人类基因组可以 ...

  10. python机器学习(2:KNN算法)

    1.KNN 简介:knn算法是监督学习中分类方法的一种.它又被叫k近邻算法,是一个概念极其简单而分类效果又很优秀的分类算法. 核心思想:在训练集中选出离输入的数据最近的k个数据,根据这k个数据的类别判 ...