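ClamAV is a command-line virus scanner. Because removing malware is not its main function, by default it can only detect viruses on your machine and cannot disinfect them; at most it can delete the infected files. ClamAV runs on many platforms, although a few are not supported, depending on how widely used your platform is. It mainly protects against Windows viruses and trojans, and it is server-oriented software.
It can be downloaded from http://www.clamav.net/lang/en/download/packages/packages-linux/; the steps below cover installation with yum only.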
1. Check the system version

    # lsb_release -a
    LSB Version: :base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
    Distributor ID: CentOS
    Description: CentOS release 6.4 (Final)
    Release: 6.4
    Codename: Final
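2. Add a yum repository that provides ClamAV

    # cd /etc/yum.repos.d/
    # vi dag.repo

Contents of dag.repo:

    #Dag RPM Repository Start
    [dag]
    name=Dag RPM Repository for RHEL4
    baseurl=http://ftp.riken.jp/Linux/dag/redhat/el4/en/$basearch/dag/
    enabled=1
    gpgcheck=1
    #Dag RPM Repository End

Install the package:

    # yum -y install clamd

The installation fails with this error:

    warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID 6b8d79e6: NOKEY
    Public key for clamd-0.98-2.el4.rf.x86_64.rpm is not installed

Edit dag.repo again:

    # vi dag.repo

    #Dag RPM Repository Start
    [dag]
    name=Dag RPM Repository for RHEL4
    baseurl=http://ftp.riken.jp/Linux/dag/redhat/el4/en/$basearch/dag/
    enabled=1
    gpgcheck=0
    #Dag RPM Repository End

After changing gpgcheck=1 to gpgcheck=0, the installation completes normally. Note that gpgcheck=0 turns off signature verification for every package installed from this repository, and the baseurl is plain HTTP. The NOKEY error only means that the repository's public key has not been imported; importing that key with rpm --import and leaving gpgcheck=1 keeps the verification in place.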
3. Start the daemon

    # service clamd status
    clamd is stopped
    # service clamd start
    Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
    LibClamAV Warning: *** The virus database is older than 7 days! ***
    LibClamAV Warning: *** Please update it as soon as possible. ***
    LibClamAV Warning: **************************************************
    [ OK ]
4. Update the virus database

    # freshclam
    ClamAV update process started at Mon Sep 30 16:08:12 2013
    Downloading main-55.cdiff [100%]
    main.cld updated (version: 55, sigs: 2424225, f-level: 60, builder: neo)
    WARNING: getfile: daily-15077.cdiff not found on remote server (IP: 200.236.31.1)
    WARNING: getpatch: Can't download daily-15077.cdiff from db.cn.clamav.net
    Trying host db.cn.clamav.net (202.118.1.40)...
    WARNING: getfile: daily-15077.cdiff not found on remote server (IP: 202.118.1.40)
    WARNING: getpatch: Can't download daily-15077.cdiff from db.cn.clamav.net
    WARNING: getpatch: Can't download daily-15077.cdiff from db.cn.clamav.net
    WARNING: Incremental update failed, trying to download daily.cvd
    Downloading daily.cvd [100%]
    daily.cvd updated (version: 17916, sigs: 385455, f-level: 63, builder: neo)
    Downloading bytecode.cvd [100%]
    bytecode.cvd updated (version: 226, sigs: 43, f-level: 63, builder: neo)
    Database updated (2809723 signatures) from db.cn.clamav.net (IP: 202.118.1.40)
    Clamd successfully notified about the update.
5. Scan for viruses

Scan a Linux directory:

    # clamscan /data2/
    /data2/log: OK
    /data2/ceshi: Empty file

    ----------- SCAN SUMMARY -----------
    Known viruses: 2804419
    Engine version: 0.98
    Scanned directories: 1
    Scanned files: 1
    Infected files: 0
    Data scanned: 0.00 MB
    Data read: 0.00 MB (ratio 0.00:1)
    Time: 7.014 sec (0 m 7 s)
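6. Create a scan script and have it run automatically during a set time period

    # vi clamsc.sh

    #!/bin/bash
    # Date stamp used in the log file name, e.g. 20130930
    date_time=`date +%Y%m%d`
    # Directory tree to scan
    data_path=/mnt
    PATH=/usr/bin:/bin
    # -r scans recursively; --remove deletes every file reported as infected
    clamscan -r --remove ${data_path} >/var/log/clamdscan_${date_time}.log

    # crontab -l
    * 12 * * * /clamsc.sh

With * in the minute field, this entry starts the script every minute from 12:00 to 12:59; to run it once a day at 12:00, the minute field would be 0 (0 12 * * * /clamsc.sh).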
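A variant of the step 6 scan script, given here as an added example and not part of the original post: it quarantines detections with --move instead of deleting them with --remove, refuses to start while a previous scan is still running, and reports detections based on clamscan's exit code (0 clean, 1 virus found, anything else an error). The quarantine, log and lock paths and the --run argument are assumptions.

```shell
#!/bin/bash
# Added example, not from the original post. Paths below are assumptions.
SCAN_PATH="${SCAN_PATH:-/mnt}"
LOG_DIR="${LOG_DIR:-/var/log/clamav-scan}"      # assumed log directory
QUARANTINE="${QUARANTINE:-/var/quarantine}"     # assumed quarantine directory
LOCK="${LOCK:-/var/run/clamsc.lock}"            # assumed lock directory

# Print the count from the last "Infected files: N" line of a clamscan log.
infected_count() {
    awk -F': *' '/^Infected files:/ {n=$2} END {print n+0}' "$1"
}

# Map clamscan's exit code to a status: 0 = clean, 1 = virus found, other = error.
classify_scan() {   # args: exit_code log_file
    case "$1" in
        0) echo "CLEAN" ;;
        1) echo "INFECTED:$(infected_count "$2")" ;;
        *) echo "ERROR:$1" ;;
    esac
}

run_scan() {
    PATH=/usr/bin:/bin
    mkdir -p "$LOG_DIR" "$QUARANTINE" || return 2
    # mkdir is atomic, so an overlapping cron run stops here instead of
    # starting a second scan of the same tree.
    mkdir "$LOCK" 2>/dev/null || { echo "SKIPPED: scan already running"; return 0; }
    trap 'rmdir "$LOCK"' EXIT
    log="$LOG_DIR/clamscan_$(date +%Y%m%d).log"
    rc=0
    # -i lists only infected files; --move quarantines them rather than deleting.
    clamscan -r -i --move="$QUARANTINE" --log="$log" "$SCAN_PATH" >/dev/null 2>&1 || rc=$?
    status=$(classify_scan "$rc" "$log")
    echo "$status"
    # Detections and errors go to syslog so they are not left unread in a log file.
    [ "$rc" -eq 0 ] || logger -t clamsc "$status path=$SCAN_PATH log=$log"
    return "$rc"
}

# Scan only when invoked as: clamsc.sh --run  (hypothetical argument)
if [ "${1:-}" = "--run" ]; then
    run_scan
fi
```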