ubuntu 18.4LTS 安装12.1.6赛门铁克防病毒系统
创建/tools/ 文件夹,并将需要的软件包上传到该目录下
# mkdir -p /tools/ && cd /tools/
# tar -xzvf chang.tar.gz
# cd chang/
1、安装jre
# mkdir -p /usr/java/
# tar -xzvf jre-8u261-linux-x64.tar.gz -C /usr/java/
# chown -R root.root /usr/java/
# cat >> /etc/Symantec.conf << EOF
[Symantec Shared]
BaseDir=/opt/Symantec
JAVA_HOME=/usr/java/jre1.8.0_261/bin
EOF
jre下载地址:https://www.oracle.com/java/technologies/javase-server-jre8-downloads.html
2、复制jce
# apt install unzip
# unzip jce_policy-8.zip -d jce_policy
# cp -av jce_policy/UnlimitedJCEPolicyJDK8/* /usr/java/jre1.8.0_261/lib/security/
jce下载地址:https://www.oracle.com/java/technologies/javase-jce8-downloads.html
3、安装依赖包
# apt-get update
# dpkg --add-architecture i386
# apt-get install libc6:i386 libx11-6:i386 libncurses5:i386 libstdc++6:i386 -y
# apt-get install lib32ncurses5 lib32z1 -y
# apt-get install sharutils -y
# apt-get install ncompress -y
# apt-get install linux-headers-$(uname -r) build-essential -y
4、安装
# unzip SEP-deb.zip
# chmod 777 SEP-deb/install.sh
# SEP-deb/install.sh -i
Starting to install Symantec Endpoint Protection for Linux
Performing pre-check...
dpkg-query: no packages found matching unity
Pre-check succeeded
dpkg-query: no packages found matching unity
Begin installing virus protection component
Selecting previously unselected package sav.
(Reading database ... 144383 files and directories currently installed.)
Preparing to unpack .../SEP-deb/./Repository/sep.deb ...
Performing pre-check...
Pre-check is successful
Unpacking sav (12.1.6867-6400) ...
Setting up sav (12.1.6867-6400) ...
Processing triggers for systemd (237-3ubuntu10.38) ...
Processing triggers for ureadahead (0.100.0-21) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Virus protection component installed successfully
Begin installing Auto-Protect component
Selecting previously unselected package savap.
(Reading database ... 144442 files and directories currently installed.)
Preparing to unpack ..././Repository/sepap-x64.deb ...
Performing pre-check...
Pre-check is successful
Unpacking savap (12.1.6867-6400) ...
Setting up savap (12.1.6867-6400) ...
Processing triggers for systemd (237-3ubuntu10.38) ...
Processing triggers for ureadahead (0.100.0-21) ...
Auto-Protect component installed successfully
Begin installing GUI component
Selecting previously unselected package savui.
(Reading database ... 144465 files and directories currently installed.)
Preparing to unpack .../SEP-deb/./Repository/sepui.deb ...
Performing pre-check...
Pre-check is successful
Unpacking savui (12.1.6867-6400) ...
Setting up savui (12.1.6867-6400) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for mime-support (3.60ubuntu1) ...
GUI component installed successfully
Begin installing LiveUpdate component
Selecting previously unselected package savjlu.
(Reading database ... 144472 files and directories currently installed.)
Preparing to unpack ..././Repository/sepjlu.deb ...
Performing pre-check...
Pre-check is successful
Unpacking savjlu (12.1.6867-6400) ...
Setting up savjlu (12.1.6867-6400) ...
LiveUpdate component installed successfully
Begin installing legacy Auto-Protect component
Legacy Auto-Protect component installed successfully
Pre-compiled Auto-Protect kernel modules are not loaded yet, need compile them from source code
Build Auto-Protect kernel modules from source code successfully
Installation completed
=============================================================
Daemon status:
symcfgd [running]
rtvscand [running]
smcd [running]
=============================================================
Drivers loaded:
symap_custom_4_15_0_76_generic_x86_64
symev_custom_4_15_0_76_generic_x86_64
=============================================================
Auto-Protect starting
Protection status:
Definition: Waiting for update.
AP: Malfunctioning
=============================================================
The log files for installation of Symantec Endpoint Protection for Linux are under ~/:
sepfl-install.log
sep-install.log
sepap-install.log
sepap-legacy-install.log
sepui-install.log
sepjlu-install.log
sepfl-kbuild.log
5、让AP变成Enabled状态,需要的三个条件:
(1)symev和symap两个驱动被正确加载到内核里
# lsmod | grep -E "symev|symap"
symap_custom_4_15_0_76_generic_x86_64 49152 28
symev_custom_4_15_0_76_generic_x86_64 90112 2 symap_custom_4_15_0_76_generic_x86_64
(2)当前的SEP已经成功加载了一份病毒定义(无论新旧)
下载地址:
https://www.broadcom.com/support/security-center/definitions/download/detail?gid=sep
例如:
# wget https://definitions.symantec.com/defs/20200813-002-core15unix.sh
# chmod 777 20200813-002-core15unix.sh
# ./20200813-002-core15unix.sh
(3)rtvscand等SEP相关服务已经正常启动
/etc/init.d/symcfgd status
/etc/init.d/rtvscand status
/etc/init.d/smcd status
/etc/init.d/autoprotect status
# 启动服务命令
/etc/init.d/symcfgd start
/etc/init.d/rtvscand start
/etc/init.d/smcd start
/etc/init.d/autoprotect start
# 关闭服务命令
/etc/init.d/autoprotect stop
/etc/init.d/smcd stop
/etc/init.d/rtvscand stop
/etc/init.d/symcfgd stop
6、将服务加入开机自启动
systemctl enable symcfgd
systemctl enable rtvscand
systemctl enable smcd
systemctl enable autoprotect
7、其它命令
# 查看帮助信息
# /opt/Symantec/symantec_antivirus/sav -h
# 查看产品版本
# /opt/Symantec/symantec_antivirus/sav info -p
12.1.6 (12.1 RU6 MP4) build 6867 (12.1.6867.6400)
# 开启自动防护
# /opt/Symantec/symantec_antivirus/sav autoprotect -e
# 关闭自动防护
# /opt/Symantec/symantec_antivirus/sav autoprotect -d
#查看auto-protect是否enable
/opt/Symantec/symantec_antivirus/sav info -a
Enabled
# 查看病毒定义是否升级
# /opt/Symantec/symantec_antivirus/sav info -d
08/13/2020 rev. 2
# 查看扫描信息
# /opt/Symantec/symantec_antivirus/sav info -s
General Status: Done
Manual Scan: Done
每日调度扫描: Never run
# 查看扫描日志
# cat /var/symantec/Logs/AVMan.log
# cat /var/symantec/Logs/AVMan.log
00080000 00080000 00000003 00000002 00000002 0000001e
000000fa 01d6719baf89e92a 01d6719bad937500 01d6719bad937500 00000001 32070D120032,3,2,0,NAS,root,,,,,,,16777216,"Scan s
tarted on all drives and all extensions.",1597341652,,0,,,,,0,,,,,,,,,,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,,00000126 01d6719c02f69112 01d6719c0236f000 01d6719c0236f000 00000001 32070D12030C,2,2,0,NAS,root,,,,,,,16777216,"Scan C
omplete: Threats: 0 Scanned: 0 Files/Folders/Drives Omitted: 314541",1597341652,,0,0:0:0:314541,,,,0,,,,,,,,,,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,,0000010f 01d671a600cc8248 01d671a360b39c80 01d671a360b39c80 00000001 32070D123739,5,1,2,NAS,root,EICAR Test String,/too
ls/eicar.com,5,1,1,256,33574980,"",0,,0,,994050048,11101,0,0,0,,,,20200813.002,208156,0,,0,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,0,
# eicar.com 是从 https://www.eicar.org/?page_id=3950 网站上下载的测试病毒,放入Linux中后被拦截。
参考文章:
https://blog.csdn.net/gdlwx/article/details/106709181
https://545c.com/dir/17401394-28826326-bf937e
ubuntu 18.4LTS 安装12.1.6赛门铁克防病毒系统的更多相关文章
- Symantec(赛门铁克)非受管检测
为了查找局域网内没有安装赛门铁克客户端的IP,采用Symantec Endpoint Protect Manager 的非受管检测机制进行网段扫描. 非受管检测机制的原理是:每台电脑开机时都会向同网段 ...
- 赛门铁克通配符SSL证书,一张通配型证书实现全站加密
赛门铁克通配型SSL证书,验证域名所有权和企业信息,属于企业验证(OV) 级SSL证书,最高支持256位加密.申请通配符SSL证书可以保护相同主域名下无限数量的多个子域名(主机).例如,一个通配符 ...
- 赛门铁克扩展验证EV SSL证书
申请EV SSL证书,将接受最严格验证企业域名所有权和企业身份信息,属于最高信任级别扩展验证(EV)的 EV SSL证书,最高达256位自适应加密.Symantec不仅提供先进的SSL加密技术,同 ...
- 费用最少的一款赛门铁克SSL证书
Symantec Secure Site SSL证书,验证域名所有权和企业信息,属于Symantec Class 3企业(OV)验证 级SSL证书,为40位/56位/128/256位自适应加密,目前连 ...
- 赛门铁克和DigiCert证书有什么区别?
在众多国人眼里,赛门铁克Symantec名气更胜于DigiCert证书.但是,我们知道2017年赛门铁克因一系列原因被DigiCert收购,品牌名称也被更新为DigiCert Secure Site. ...
- 彭博社:博通正在与赛门铁克洽谈收购事宜(博通能买得起 又能讲故事的 没几个了 为了刺激资本的兴趣 只能瞎搞 就和intel 收购 麦咖啡一样。就像杜蕾斯收购美赞臣一样,也许只是纯粹的商业行为,哪行赚钱干哪行)
彭博社今日消息,知名芯片制造商 Broadcom 公司正在就收购网络安全公司 Symantec 事宜进行高级会谈,因为 Broadcom 希望寻找半导体业务之外的机会,以实现多元化经营. 据称,在彭博 ...
- 数据库服务器的监控 赛门铁克 Veritas i3 APM 查找指定时间段最耗服务器资源的TopSQL
- 解决Chrome 70版本以后谷歌不再信任赛门铁克证书问题
Google 从 2018 年 10 月发布的 Chrome 70 就停止信任赛门铁克的旧证书了,而 Mozilla 也将在 10 月底发布 Firefox 63 时停止信任赛门铁克的旧证书. 导致大 ...
- Ubuntu 18.04 安装MySQL
最近在写东西的时候,需要用到MySQL,在网上查了一下,都说Ubuntu18.04不能安装MySQL5.7.22, 总觉的不可能,所以自己就研究了一下,然后分享给大家 工具/原料 VMware W ...
随机推荐
- shell练习(1)创建100个用户
shell练习(1)创建100个用户 默默努力的小白. 2020-04-15 16:28:49 49 收藏文章标签: linuxshell版权随机创建100个用户,并生成随机密码,并将密码放入一个文件 ...
- stm32之ADC应用实例(单通道、多通道、基于DMA)-转载精华帖,最后一部分的代码是精华
硬件:STM32F103VCT6 开发工具:Keil uVision4 下载调试工具:ARM仿真器网上资料很多,这里做一个详细的整合.(也不是很详细,但很通俗).所用的芯片内嵌3个12位的 ...
- 11.20 yum:自动化RPM包管理工具
yum(Yellow dog Updater Modified)是多个Linux发行版的软件包管理器,例如Redhat RHEL.CentOS和Fedora.yum主要用于自动安装.升级rpm软件包, ...
- LTC4020
今天凯哥说他之前有一块电池放电低于20V了 然后接上4020后 会先浮充 涓流充 大约200ma 充过了20V后又是4A了
- linux python3安装whl包时报错解决:is not a supported wheel on this platform
原因1 你下载安装的包不是当前平台所支持的 原因2 你下载的包,不符合你所在的平台的安装whl的名称规范,所以出错.比如当前我要安装的包是:pymssql-2.1.5-cp36-cp36m-manyl ...
- MyBatis 开启 Log4j 日志调试信息开关
Log4j 是什么 Log4j 是由 Apache 提供的开源日志框架,用于帮助用户处理日志信息. Log4j 能将日志信息分级打印和存储,而且提供了日志不同的存储方式,我们可以将日志发送到控制台,或 ...
- Centos 6.5 启动报错 "Kernel panic - not syncing: Attempted to kill init"解决办法
某一天,开发同事突然告诉我服务器上自己的虚拟机连不上了,我登陆到服务器CAS管理界面,重启虚拟机后发现报错了 问题:Kernel panic - not syncing: Attempted to k ...
- 【数据结构与算法】多种语言(VB、C、C#、JavaScript)系列数据结构算法经典案例教程合集目录
目录 1. 专栏简介 2. 专栏地址 3. 专栏目录 1. 专栏简介 2. 专栏地址 「 刘一哥与GIS的故事 」之<数据结构与算法> 3. 专栏目录 [经典回放]多种语言系列数据结构算法 ...
- Go语言常用命令
查看可用命令 直接在终端中输入 go help 即可显示所有的 go 命令以及相应命令功能简介,主要有下面这些: ·build: 编译包和依赖 ·clean: 移除对象文件 ·doc: 显示包或者符号 ...
- Go基础结构与类型03---标准输入与输出
package main import ( "fmt" "strconv" ) //每次接收一个用户输入 func main031() { //定义a, b两个 ...