欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  科技

linux杀毒软件ClamAV的安装使用

程序员文章站 2022-05-02 13:00:31
1.安装依赖环境 2.安装clamav软件包 3.修改配置文件 4.创建用户 5.创建目录文件 6.升级病毒库(需要服务器连通外网) 7.扫描病毒 clamscan常用参数 ......

 

1.安装依赖环境

yum install -y zlib openssl-devel
yum groupinstall -y "development tools"
apt install -y zlib1g zlib1g.dev openssl vim build-essential libssl-dev  #ubuntu/debian安装

 

2.安装clamav软件包

wget http://www.clamav.net/downloads/production/clamav-0.101.0.tar.gz
tar zxvf clamav-0.101.0.tar.gz
cd clamav-0.101.0
./configure --prefix=/usr/local/clamav
make && make install

 

3.修改配置文件

cp /usr/local/clamav/etc/clamd.conf.sample /usr/local/clamav/etc/clamd.conf
sed -i '8s/example/#example/g' /usr/local/clamav/etc/clamd.conf
echo 'logfile /usr/local/clamav/logs/clamd.log' >> /usr/local/clamav/etc/clamd.conf
echo 'pidfile /usr/local/clamav/updata/clamd.pid' >> /usr/local/clamav/etc/clamd.conf
echo 'databasedirectory /usr/local/clamav/updata/clamav' >> /usr/local/clamav/etc/clamd.conf
cp /usr/local/clamav/etc/freshclam.conf.sample /usr/local/clamav/etc/freshclam.conf
sed -i '8s/example/#example/g' /usr/local/clamav/etc/freshclam.conf
echo 'databasedirectory /usr/local/clamav/updata' >> /usr/local/clamav/etc/freshclam.conf
echo 'updatelogfile /usr/local/clamav/logs/freshclam.log' >> /usr/local/clamav/etc/freshclam.conf
echo 'pidfile /usr/local/clamav/updata/freshclam.pid' >> /usr/local/clamav/etc/freshclam.conf

 

4.创建用户

groupadd clamav
useradd -g clamav clamav

 

5.创建目录文件

mkdir /usr/local/clamav/logs
mkdir /usr/local/clamav/updata
touch /usr/local/clamav/logs/freshclam.log
chown clamav:clamav /usr/local/clamav/logs/freshclam.log
touch /usr/local/clamav/logs/clamd.log
chown clamav:clamav /usr/local/clamav/logs/clamd.log
chown clamav:clamav /usr/local/clamav/updata

 

6.升级病毒库(需要服务器连通外网)

/usr/local/clamav/bin/freshclam

 

7.扫描病毒

/usr/local/clamav/bin/clamscan -r --bell -i /

clamscan常用参数

-r/--recursive[=yes/no] 所有文件
--log=file/-l file 增加扫描报告
clamscan -l /var/log/clamscan.log /  
--move [路径] 移动病毒文件至
--remove [路径] 删除病毒文件
--quiet 只输出错误消息
--infected/-i 只输出感染文件
--suppress-ok-results/-o 跳过扫描ok的文件
--bell 扫描到病毒文件发出警报声音
--unzip(unrar) 解压压缩文件扫描