创建/tools/ 文件夹,并将需要的软件包上传到该目录下

# mkdir -p /tools/ && cd /tools/

# tar -xzvf chang.tar.gz

# cd chang/

1、安装jre

# mkdir -p /usr/java/

# tar -xzvf jre-8u261-linux-x64.tar.gz -C /usr/java/

# chown -R root.root /usr/java/

# cat >> /etc/Symantec.conf << EOF

[Symantec Shared]

BaseDir=/opt/Symantec

JAVA_HOME=/usr/java/jre1.8.0_261/bin

EOF

jre下载地址:https://www.oracle.com/java/technologies/javase-server-jre8-downloads.html

2、复制jce

# apt install unzip

# unzip jce_policy-8.zip -d jce_policy

# cp -av jce_policy/UnlimitedJCEPolicyJDK8/* /usr/java/jre1.8.0_261/lib/security/

jce下载地址:https://www.oracle.com/java/technologies/javase-jce8-downloads.html

3、安装依赖包

# apt-get update

# dpkg --add-architecture i386

# apt-get install libc6:i386 libx11-6:i386 libncurses5:i386 libstdc++6:i386 -y

# apt-get install lib32ncurses5 lib32z1 -y

# apt-get install sharutils -y

# apt-get install ncompress -y

# apt-get install linux-headers-$(uname -r) build-essential -y

4、安装

# unzip SEP-deb.zip

# chmod 777 SEP-deb/install.sh

# SEP-deb/install.sh -i

Starting to install Symantec Endpoint Protection for Linux

Performing pre-check...

dpkg-query: no packages found matching unity

Pre-check succeeded

dpkg-query: no packages found matching unity

Begin installing virus protection component

Selecting previously unselected package sav.

(Reading database ... 144383 files and directories currently installed.)

Preparing to unpack .../SEP-deb/./Repository/sep.deb ...

Performing pre-check...

Pre-check is successful

Unpacking sav (12.1.6867-6400) ...

Setting up sav (12.1.6867-6400) ...

Processing triggers for systemd (237-3ubuntu10.38) ...

Processing triggers for ureadahead (0.100.0-21) ...

Processing triggers for man-db (2.8.3-2ubuntu0.1) ...

Virus protection component installed successfully

Begin installing Auto-Protect component

Selecting previously unselected package savap.

(Reading database ... 144442 files and directories currently installed.)

Preparing to unpack ..././Repository/sepap-x64.deb ...

Performing pre-check...

Pre-check is successful

Unpacking savap (12.1.6867-6400) ...

Setting up savap (12.1.6867-6400) ...

Processing triggers for systemd (237-3ubuntu10.38) ...

Processing triggers for ureadahead (0.100.0-21) ...

Auto-Protect component installed successfully

Begin installing GUI component

Selecting previously unselected package savui.

(Reading database ... 144465 files and directories currently installed.)

Preparing to unpack .../SEP-deb/./Repository/sepui.deb ...

Performing pre-check...

Pre-check is successful

Unpacking savui (12.1.6867-6400) ...

Setting up savui (12.1.6867-6400) ...

Processing triggers for man-db (2.8.3-2ubuntu0.1) ...

Processing triggers for mime-support (3.60ubuntu1) ...

GUI component installed successfully

Begin installing LiveUpdate component

Selecting previously unselected package savjlu.

(Reading database ... 144472 files and directories currently installed.)

Preparing to unpack ..././Repository/sepjlu.deb ...

Performing pre-check...

Pre-check is successful

Unpacking savjlu (12.1.6867-6400) ...

Setting up savjlu (12.1.6867-6400) ...

LiveUpdate component installed successfully

Begin installing legacy Auto-Protect component

Legacy Auto-Protect component installed successfully

Pre-compiled Auto-Protect kernel modules are not loaded yet, need compile them from source code

Build Auto-Protect kernel modules from source code successfully

Installation completed

=============================================================

Daemon status:

symcfgd [running]

rtvscand [running]

smcd [running]

=============================================================

Drivers loaded:

symap_custom_4_15_0_76_generic_x86_64

symev_custom_4_15_0_76_generic_x86_64

=============================================================

Auto-Protect starting

Protection status:

Definition: Waiting for update.

AP: Malfunctioning

=============================================================

The log files for installation of Symantec Endpoint Protection for Linux are under ~/:

sepfl-install.log

sep-install.log

sepap-install.log

sepap-legacy-install.log

sepui-install.log

sepjlu-install.log

sepfl-kbuild.log

5、让AP变成Enabled状态,需要的三个条件:

(1)symev和symap两个驱动被正确加载到内核里

# lsmod | grep -E "symev|symap"

symap_custom_4_15_0_76_generic_x86_64 49152 28

symev_custom_4_15_0_76_generic_x86_64 90112 2 symap_custom_4_15_0_76_generic_x86_64

(2)当前的SEP已经成功加载了一份病毒定义(无论新旧)

下载地址:

https://www.broadcom.com/support/security-center/definitions/download/detail?gid=sep

例如:

# wget https://definitions.symantec.com/defs/20200813-002-core15unix.sh

# chmod 777 20200813-002-core15unix.sh

# ./20200813-002-core15unix.sh

(3)rtvscand等SEP相关服务已经正常启动

/etc/init.d/symcfgd status

/etc/init.d/rtvscand status

/etc/init.d/smcd status

/etc/init.d/autoprotect status

# 启动服务命令

/etc/init.d/symcfgd start

/etc/init.d/rtvscand start

/etc/init.d/smcd start

/etc/init.d/autoprotect start

# 关闭服务命令

/etc/init.d/autoprotect stop

/etc/init.d/smcd stop

/etc/init.d/rtvscand stop

/etc/init.d/symcfgd stop

6、将服务加入开机自启动

systemctl enable symcfgd

systemctl enable rtvscand

systemctl enable smcd

systemctl enable autoprotect

7、其它命令

# 查看帮助信息

# /opt/Symantec/symantec_antivirus/sav -h

# 查看产品版本

# /opt/Symantec/symantec_antivirus/sav info -p

12.1.6 (12.1 RU6 MP4) build 6867 (12.1.6867.6400)

# 开启自动防护

# /opt/Symantec/symantec_antivirus/sav autoprotect -e

# 关闭自动防护

# /opt/Symantec/symantec_antivirus/sav autoprotect -d

#查看auto-protect是否enable

/opt/Symantec/symantec_antivirus/sav info -a

Enabled

# 查看病毒定义是否升级

# /opt/Symantec/symantec_antivirus/sav info -d

08/13/2020 rev. 2

# 查看扫描信息

# /opt/Symantec/symantec_antivirus/sav info -s

General Status: Done

Manual Scan: Done

每日调度扫描: Never run

# 查看扫描日志

# cat /var/symantec/Logs/AVMan.log

# cat /var/symantec/Logs/AVMan.log

00080000 00080000 00000003 00000002 00000002 0000001e

000000fa 01d6719baf89e92a 01d6719bad937500 01d6719bad937500 00000001 32070D120032,3,2,0,NAS,root,,,,,,,16777216,"Scan s

tarted on all drives and all extensions.",1597341652,,0,,,,,0,,,,,,,,,,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,,00000126 01d6719c02f69112 01d6719c0236f000 01d6719c0236f000 00000001 32070D12030C,2,2,0,NAS,root,,,,,,,16777216,"Scan C

omplete: Threats: 0 Scanned: 0 Files/Folders/Drives Omitted: 314541",1597341652,,0,0:0:0:314541,,,,0,,,,,,,,,,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,,0000010f 01d671a600cc8248 01d671a360b39c80 01d671a360b39c80 00000001 32070D123739,5,1,2,NAS,root,EICAR Test String,/too

ls/eicar.com,5,1,1,256,33574980,"",0,,0,,994050048,11101,0,0,0,,,,20200813.002,208156,0,,0,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,0,

# eicar.com 是从 https://www.eicar.org/?page_id=3950 网站上下载的测试病毒,放入Linux中后被拦截。

参考文章:

https://blog.csdn.net/gdlwx/article/details/106709181

https://545c.com/dir/17401394-28826326-bf937e

ubuntu 18.4LTS 安装12.1.6赛门铁克防病毒系统的更多相关文章

  1. Symantec(赛门铁克)非受管检测

    为了查找局域网内没有安装赛门铁克客户端的IP,采用Symantec Endpoint Protect Manager 的非受管检测机制进行网段扫描. 非受管检测机制的原理是:每台电脑开机时都会向同网段 ...

  2. 赛门铁克通配符SSL证书,一张通配型证书实现全站加密

      赛门铁克通配型SSL证书,验证域名所有权和企业信息,属于企业验证(OV) 级SSL证书,最高支持256位加密.申请通配符SSL证书可以保护相同主域名下无限数量的多个子域名(主机).例如,一个通配符 ...

  3. 赛门铁克扩展验证EV SSL证书

      申请EV SSL证书,将接受最严格验证企业域名所有权和企业身份信息,属于最高信任级别扩展验证(EV)的 EV SSL证书,最高达256位自适应加密.Symantec不仅提供先进的SSL加密技术,同 ...

  4. 费用最少的一款赛门铁克SSL证书

    Symantec Secure Site SSL证书,验证域名所有权和企业信息,属于Symantec Class 3企业(OV)验证 级SSL证书,为40位/56位/128/256位自适应加密,目前连 ...

  5. 赛门铁克和DigiCert证书有什么区别?

    在众多国人眼里,赛门铁克Symantec名气更胜于DigiCert证书.但是,我们知道2017年赛门铁克因一系列原因被DigiCert收购,品牌名称也被更新为DigiCert Secure Site. ...

  6. 彭博社:博通正在与赛门铁克洽谈收购事宜(博通能买得起 又能讲故事的 没几个了 为了刺激资本的兴趣 只能瞎搞 就和intel 收购 麦咖啡一样。就像杜蕾斯收购美赞臣一样,也许只是纯粹的商业行为,哪行赚钱干哪行)

    彭博社今日消息,知名芯片制造商 Broadcom 公司正在就收购网络安全公司 Symantec 事宜进行高级会谈,因为 Broadcom 希望寻找半导体业务之外的机会,以实现多元化经营. 据称,在彭博 ...

  7. 数据库服务器的监控 赛门铁克 Veritas i3 APM 查找指定时间段最耗服务器资源的TopSQL

  8. 解决Chrome 70版本以后谷歌不再信任赛门铁克证书问题

    Google 从 2018 年 10 月发布的 Chrome 70 就停止信任赛门铁克的旧证书了,而 Mozilla 也将在 10 月底发布 Firefox 63 时停止信任赛门铁克的旧证书. 导致大 ...

  9. Ubuntu 18.04 安装MySQL

    最近在写东西的时候,需要用到MySQL,在网上查了一下,都说Ubuntu18.04不能安装MySQL5.7.22, 总觉的不可能,所以自己就研究了一下,然后分享给大家 工具/原料   VMware W ...

随机推荐

  1. jmeter完成一个简单的性能测试(jp@gc - PerfMon Metrics Collector的运用)

    场景:公司项目解耦,在项目前期对新的架构进行简单的性能测试 工具:jmeter 1.大致结构如下: 1800秒(半个小时)内持续产生20000的线程 创建了聚合报告,主要是查看服务器响应结果以及相应时 ...

  2. linux进阶之nmtui和nmcli配置网络

    CentOS7配置网络推荐使用NetworkManager服务(不推荐network服务). 图形化方式:nmtui或Applications->System Tools->Setting ...

  3. (xxx) is not defined at HTMLInputElement.onblur(Day_27)

    错误: 这个报错我当时是卡了很久,方法是肯定没有问题的,但js所有的事件都失效了. 解决方案: 1.检查js命名是否有误,若外部引用js文件,尽量使用全小写命名,遵守js命名规范. 2.若还不行,请将 ...

  4. windows server 2008 rdp停止服务 - windows server 2012 R2 远程桌面授权模式尚未配置,远程桌面服务将在120天内停止工作

    目录 问题现象 增长rdp服务可使用时长的配置 Via & reference: 问题现象 windows server 2008作为测试环境跳板机,但是没有配置官方的rdp授权,限制用户登录 ...

  5. java面试一日一题:java中的垃圾回收器

    问题:请讲下java中垃圾回收器有哪些? 分析:该问题主要考察hotspot虚拟机下实现的垃圾回收器 回答要点: 主要从以下几点去考虑, 1.垃圾回收器的种类 2.每种垃圾回收器的着重点是什么 前边的 ...

  6. 十一、.net core(.NET 6)搭建ElasticSearch(ES)系列之ElasticSearch、head-master、Kibana环境搭建

    搭建ElasticSearch+Kibana环境 前提条件:已经配置好JDK环境以及Nodejs环境.如果还未配置,请查看我的上一篇博客内容,有详细配置教程. 先下载ElasticSearch(以下文 ...

  7. 004:ZYNQ_AXI总线学习笔记(1)

    1.    WHAT IS AXI? AXI是一种高级可扩展接口,是ARM AMBA的一部分. 2.    WHAT IS AMBA? AMBA是高级微控制器总线架构,开放的片内互联总线标准. 3.A ...

  8. Python+Selenium学习笔记4 - submit&get_attribute

    1.submit() submit()方法用于提交表单.如在搜索框输入关键字后按回车键进行查询操作,就可用submit()方法模拟.若不能按回车键进入下一步,则不能用submit()举例,百度的查询提 ...

  9. javascript数组排序之冒泡排序

    冒泡排序 作为一名程序员数组的排序算法是必须要掌握的,今天来说最简单的一种数组排序----冒泡排序 冒泡排序原理 冒泡排序算法是一种简单直观的排序算法.它重复地走访过要排序的数列,一次比较两个元素,如 ...

  10. AI框架精要:设计思想

    AI框架精要:设计思想 本文主要介绍飞桨paddle平台的底层设计思想,可以帮助用户理解飞桨paddle框架的运作过程,以便于在实际业务需求中,更好的完成模型代码编写与调试及飞桨paddle框架的二次 ...