ClamAV Installation and Usage
Installation environment for clamav-0.103.1:
$ cat /etc/issue
Ubuntu 20.04 LTS \n \l
Install the dependency libraries
$ sudo apt-get install libssl-dev
$ sudo apt-get install zlib1g zlib1g-dev
$ sudo apt-get install libcurl4-openssl-dev
$ sudo apt-get install libpcre3 libpcre3-dev
Download ClamAV. The configure option --disable-clamav skips the check for the clamav user and group.
$ wget https://www.clamav.net/downloads/production/clamav-0.103.1.tar.gz
$ tar -xmf clamav-0.103.1.tar.gz
$ cd clamav-0.103.1/
$
$ ./configure --prefix=/opt/clamav --disable-clamav --with-zlib=/usr/local/zlib
$ make
$ sudo make install
Create the required directories and files, and adjust their ownership
$ sudo mkdir -p /opt/clamav/logs
$ sudo mkdir /opt/clamav/updata
$ sudo touch /opt/clamav/logs/freshclam.log
$ sudo touch /opt/clamav/logs/clamd.log
$
$ sudo groupadd clamav
$ sudo useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
$
$ cd /opt/clamav/logs/
$ sudo chown clamav:clamav clamd.log
$ sudo chown clamav:clamav freshclam.log
Generate the default configuration files
$ sudo cp /opt/clamav/etc/clamd.conf.sample /opt/clamav/etc/clamd.conf
$ sudo cp /opt/clamav/etc/freshclam.conf.sample /opt/clamav/etc/freshclam.conf
$
$ sudo vi /opt/clamav/etc/clamd.conf
#Example
LogFile /opt/clamav/logs/clamd.log
PidFile /opt/clamav/updata/clamd.pid
#DatabaseDirectory /opt/clamav/updata
DatabaseDirectory /opt/clamav/share/clamav
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket /tmp/clamd.socket
$ sudo vi /opt/clamav/etc/freshclam.conf
# Comment or remove the line below.
# Example
# use database.clamav.net instead.
DatabaseMirror database.clamav.net
Adjust directory ownership
$ sudo mkdir -p /opt/clamav/share/clamav
$ sudo chown clamav:clamav /opt/clamav/share
$
$ sudo chown kai:kai /opt/clamav/share
$ sudo chown kai:kai /opt/clamav/share/clamav/
The id command shows a user's ID information, which helps when diagnosing permission-related errors.
$ id clamav
uid=1001(clamav) gid=1001(clamav) groups=1001(clamav)
Update the virus database
Run freshclam to update the virus database.
$ /opt/clamav/bin/freshclam
ClamAV update process started at Mon Feb 8 08:01:09 2021
daily.cvd database is up to date (version: 26073, sigs: 4116267, f-level: 63, builder: raynman)
main.cvd database is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
bytecode.cvd database is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
ClamAV self-test files
The ClamAV self-test files are located in the test directory.
$ /opt/clamav/bin/clamscan -r /home/kai/av/clamav-0.103.1/test/
/home/kai/av/clamav-0.103.1/test/clam.exe.rtf: Clamav.Test.File-6 FOUND
/home/kai/av/clamav-0.103.1/test/clam_cache_emax.tgz: Clamav.Test.File-6 FOUND
/home/kai/av/clamav-0.103.1/test/clam.exe.szdd: Clamav.Test.File-6 FOUND
/home/kai/av/clamav-0.103.1/test/clam-fsg.exe: Clamav.Test.File-6 FOUND
/home/kai/av/clamav-0.103.1/test/clam-mew.exe: Clamav.Test.File-6 FOUND
...
----------- SCAN SUMMARY -----------
Known viruses: 8665590
Engine version: 0.103.1
Scanned directories: 2
Scanned files: 171
Infected files: 46
Data scanned: 26.00 MB
Data read: 13.76 MB (ratio 1.89:1)
Time: 50.815 sec (0 m 50 s)
Start Date: 2021:02:08 08:02:39
End Date: 2021:02:08 08:03:30
EICAR test file scan
EICAR (European Institute for Computer Anti-Virus Research) standard anti-virus test file
$ /opt/clamav/bin/clamscan -r /home/kai/av/eicar/
/home/kai/av/eicar/eicar_com.zip: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicarcom2.zip: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicar.com.txt: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicar.com: Win.Test.EICAR_HDB-1 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 8665590
Engine version: 0.103.1
Scanned directories: 1
Scanned files: 4
Infected files: 4
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 17.662 sec (0 m 17 s)
Start Date: 2021:02:08 08:07:28
End Date: 2021:02:08 08:07:45
Daemon scanning mode
Communication uses a UNIX socket.
$ vi /opt/clamav/etc/clamd.conf
#Example
LogFile /opt/clamav/logs/clamd.log
PidFile /opt/clamav/updata/clamd.pid
DatabaseDirectory /opt/clamav/share/clamav
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket /tmp/clamd.socket
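The clamd.conf shown above puts the socket in /tmp and sets no LocalSocketMode. The following audit script is an added example, not part of the original article or of ClamAV; the finding labels and the /opt/clamav/run directory in the second sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit a clamd.conf for the
# settings this guide edits. Prints one finding per line, nothing if clean.
audit_clamd_conf() {
    awk '
        # Drop comments and surrounding whitespace, skip empty lines.
        { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        $0 == "" { next }
        $1 == "Example"         { print "EXAMPLE_ACTIVE: clamd refuses to start" }
        $1 == "LocalSocket"     { sock = $2 }
        $1 == "LocalSocketMode" { mode = $2 }
        END {
            if (sock == "") { print "NO_LOCALSOCKET: no UNIX socket configured"; exit }
            # A world-writable directory lets any local user pre-create the path.
            if (sock ~ /^\/(tmp|var\/tmp|dev\/shm)\//)
                print "SOCKET_IN_SHARED_DIR: " sock
            if (mode == "")
                print "NO_LOCALSOCKETMODE: socket is world accessible by default"
        }
    ' "$1"
}

# The settings shown on this page.
page_conf() {
    cat <<'EOF'
#Example
LogFile /opt/clamav/logs/clamd.log
PidFile /opt/clamav/updata/clamd.pid
DatabaseDirectory /opt/clamav/share/clamav
LocalSocket /tmp/clamd.socket
EOF
}

# Constructed alternative; /opt/clamav/run is an assumed directory owned by clamav.
hardened_conf() {
    cat <<'EOF'
LogFile /opt/clamav/logs/clamd.log
PidFile /opt/clamav/updata/clamd.pid
DatabaseDirectory /opt/clamav/share/clamav
LocalSocket /opt/clamav/run/clamd.socket
LocalSocketGroup clamav
LocalSocketMode 660
EOF
}

tmp=$(mktemp)
page_conf > "$tmp";     audit_clamd_conf "$tmp"   # prints two findings
hardened_conf > "$tmp"; audit_clamd_conf "$tmp"   # prints nothing
rm -f "$tmp"
```

With LocalSocketGroup and LocalSocketMode 660, only members of the clamav group can submit scan requests to the daemon.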
Create the file list:
$ cat eee.txt
/home/kai/av/eicar/eicar.com
/home/kai/av/eicar/eicarcom2.zip
/home/kai/av/eicar/eicar.com.txt
/home/kai/av/eicar/eicar_com.zip
Start the scan with clamdscan:
$ /opt/clamav/bin/clamdscan --infected --file-list=eee.txt
/home/kai/av/eicar/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicarcom2.zip: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicar.com.txt: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicar_com.zip: Win.Test.EICAR_HDB-1 FOUND
----------- SCAN SUMMARY -----------
Infected files: 4
Time: 0.004 sec (0 m 0 s)
Start Date: 2021:02:08 08:52:37
End Date: 2021:02:08 08:52:37
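For feeding scan results into triage or alerting, the output format shown above can be parsed mechanically. The script below is an added example, not part of the original article; the function names and status labels are assumptions, and it assumes signature names contain no spaces or colons. The sample input is the clamdscan output from this page.

```shell
#!/bin/sh
# parse_scan: read clamscan/clamdscan output on stdin, print
# "SIGNATURE<TAB>PATH" per detection, then "TOTAL<TAB>count<TAB>status".
parse_scan() {
    awk '
        # Detection line: "<path>: <signature> FOUND". Anchor on the tail so a
        # path that itself contains ": " is still split at the right place.
        match($0, /: [^ :]+ FOUND$/) {
            sig  = substr($0, RSTART + 2, RLENGTH - 8)
            path = substr($0, 1, RSTART - 1)
            printf "%s\t%s\n", sig, path
            found++
            next
        }
        /^Infected files: / { reported = $3; seen = 1 }
        END {
            # Cross-check our count against the scanner summary so that a
            # truncated or interleaved log does not pass silently.
            if (!seen)                          status = "NO_SUMMARY"
            else if (reported + 0 == found + 0) status = "OK"
            else                                status = "MISMATCH"
            printf "TOTAL\t%d\t%s\n", found, status
        }
    '
}

# Sample input: the clamdscan run shown on this page.
sample_output() {
    cat <<'EOF'
/home/kai/av/eicar/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicarcom2.zip: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicar.com.txt: Win.Test.EICAR_HDB-1 FOUND
/home/kai/av/eicar/eicar_com.zip: Win.Test.EICAR_HDB-1 FOUND
----------- SCAN SUMMARY -----------
Infected files: 4
Time: 0.004 sec (0 m 0 s)
EOF
}

sample_output | parse_scan
```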
Resource usage
Use clamdtop to view clamd's resource usage.
Primary threads: live 1 idle 0 max 10    +---------------------------------------+
[||||                                  ] |Mem: heap 3M mmap 0M unused 0M|
Queue: 0 items 0 max                     |Libc: used 3M free 0M total 3M|
[                                      ] |Pool: count 1 used 1173M total 1173M|
                                         |[|||||||||||||||||||||||||||||||||||>] |
                                         +---------------------------------------+
COMMAND QUEUEDSINCE FILE
STATS 0.000s