Tutorial: installing and configuring the free antivirus software Clam AntiVirus on Linux


Clam AntiVirus (ClamAV) is free, open source antivirus software; both the software and its virus signature updates are released by the community free of charge. At present, ClamAV is mainly used on mail servers running Linux, FreeBSD and other Unix-like systems to provide virus scanning for email.

Install Clam AntiVirus

Since Clam AntiVirus is not in the official CentOS yum repositories, installing it with yum requires defining an unofficial repository. First confirm that the corresponding repository file exists.

[root@sample ~]# ls -l /etc/yum.repos.d/dag.repo ← confirm that the repository file exists
-rw-r--r-- 1 root root 143 Oct 1 21:33 /etc/yum.repos.d/dag.repo ← it is present (otherwise clamd cannot be installed through yum)

If the dag.repo file does not exist, you cannot install Clam AntiVirus through yum and need to define the unofficial repository first. How to define unofficial repositories is described in the yum part of "CentOS download, installation, and initial environment settings". Also make sure that the syntax of the dag.repo file you define is correct.

Then install Clam AntiVirus online via yum.

[root@sample ~]# yum -y install clamd ← install Clam AntiVirus online
Setting up Install Process
Setting up repositories
dag 100% |=========================| 1.1 KB 00:00
update 100% |=========================| 951 B 00:00
base 100% |=========================| 1.1 KB 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 KB 00:00
Reading repository metadata in from local files
primary.xml.gz 100% |=========================| 1.6 MB 00:08
dag: ################################################## 4610/4610
Added 4610 new packages, deleted 0 in 94.91 seconds
primary.xml.gz 100% |=========================| MB 00:05
update: ################################################## 256/256
Added new packages, deleted 0 in 4.25 seconds
Reducing Dag RPM Repository for Red Hat Enterprise Linux to included packages only
Finished
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamd to pack into transaction set.
clamd-0.88.4-1.el4.rf.i38 100% |=========================| 5.3 KB 00:00
---> Package clamd.i386 0:0.88.4-1.el4.rf set to be updated
--> Running Transaction Check
--> Processing Dependency: clamav = 0.88.4-1.el4.rf for package: clamd
--> Processing Dependency: libclamav.so.1 for package: clamd
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav to pack into transaction set.
clamav-0.88.4-1.el4.rf.i3 100% |=========================| 8.1 KB 00:00
---> Package clamav.i386 0:0.88.4-1.el4.rf set to be updated
--> Running Transaction Check
--> Processing Dependency: clamav-db = 0.88.4-1.el4.rf for package: clamav
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav-db to pack into transaction set.
clamav-db-0.88.4-1.el4.rf 100% |=========================| 3.2 KB 00:00
---> Package clamav-db.i386 0:0.88.4-1.el4.rf set to be updated
--> Running Transaction Check

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
clamd i386 0.88.4-1.el4.rf dag
Installing for dependencies:
clamav i386 0.88.4-1.el4.rf dag 724 K
clamav-db i386 0.88.4-1.el4.rf dag 5.6 M

Transaction Summary
=============================================================================
Install 3 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 6.4 M
Downloading Packages:
(1/3): clamd-0.88.4-1.el4 100% |=========================| MB 00:01
(2/3): clamav-0.88.4-1.el 100% |=========================| 724 KB 00:04
(3/3): clamav-db-0.88.4-1 100% |=========================| 5.6 MB 00:25
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: clamav-db ######################### [1/3]
Installing: clamav ######################### [2/3]
Installing: clamd ######################### [3/3]
Installed: clamd.i386 0:0.88.4-1.el4.rf
Dependency Installed: clamav.i386 0:0.88.4-1.el4.rf clamav-db.i386 0:0.88.4-1.el4.rf
Complete! ← installation completed

Configure Clam AntiVirus

Next, configure Clam AntiVirus.

[root@sample ~]# vi /etc/clamd.conf ← edit the clamd configuration file

ArchiveBlockMax ← find this line and add "#" at the beginning (so that large compressed files are not treated as infected files)

#ArchiveBlockMax ← it becomes this

User clamav ← find this line and add "#" at the beginning (clamd then keeps running as root instead of as the ordinary user clamav)

#User clamav ← it becomes this


Run Clam AntiVirus

Start Clam AntiVirus and set it to start automatically at boot.

[root@sample ~]# chkconfig clamd on ← set it to start at system startup

[root@sample ~]# chkconfig --list clamd
clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off ← confirm that run levels 2 to 5 are "on"

[root@sample ~]# /etc/rc.d/init.d/clamd start ← start the clamd service (run Clam AntiVirus)

Starting Clam AntiVirus Daemon: [ OK ] ← started successfully

Update the Clam AntiVirus virus database

After installation, it is recommended to update the virus database immediately so that the latest viruses can be detected.

[root@sample ~]# freshclam ← update the Clam AntiVirus virus database

ClamAV update process started at Fri Aug 25 18:39:26 2006
Downloading main.cvd [*]
main.cvd updated (version: 40, sigs: 64138, f-level: 8, builder: tkojm)
Downloading daily.cvd [*]
daily.cvd updated (version: 1728, sigs: 2565, f-level: 8, builder: ccordes)
Database updated (66703 signatures) from db.cn.clamav.net (IP: 58.221.253.171)
Clamd successfully notified about the update.

Virus Scanning

Next, run a virus scan test; for this we download the test virus files.

[root@sample ~]# clamdscan ← run a virus scan
/root: OK
----------- SCAN SUMMARY -----------
Infected files: 0 ← no virus found
Time: 5.074 sec (0 m 5 s)

[root@sample ~]# wget http://www.eicar.org/download/eicar.com ← download a test virus file
[root@sample ~]# wget http://www.eicar.org/download/eicar_com.zip ← download a test virus file

Then scan for viruses again. With the "--remove" option added, infected files are deleted automatically once a virus is detected.

[root@sample ~]# clamdscan --remove ← scan again with the delete option

/root/eicar.com: Eicar-Test-Signature FOUND ← found an infected file
/root/eicar.com: Removed. ← the infected file was deleted
/root/eicar_com.zip: Eicar-Test-Signature FOUND ← found an infected file
/root/eicar_com.zip: Removed. ← the infected file was deleted
----------- SCAN SUMMARY -----------
Infected files: 2
Time: 2.201 sec (0 m 2 s)

Run virus scans regularly

[root@sample ~]# vi scan.sh ← create the automatic scan script with the following content:

#!/bin/bash
# Scan the whole filesystem, delete infected files, and mail any detections to root
PATH=/usr/bin:/bin
CLAMSCANTMP=$(mktemp)
clamdscan --recursive --remove / > "$CLAMSCANTMP"
# Send mail only when the report contains a line ending in FOUND
[ ! -z "$(grep 'FOUND$' "$CLAMSCANTMP")" ] && \
grep FOUND "$CLAMSCANTMP" | mail -s "Virus Found in $(hostname)" root
rm -f "$CLAMSCANTMP"

[root@sample ~]# chmod 700 scan.sh ← give the script execute permission

[root@sample ~]# crontab -e ← edit the scheduled tasks and add the following line

0 3 * * * /root/scan.sh ← add this line to run a scan every day at 3 o'clock
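
The script above sends mail only when a FOUND line appears, so a run in which clamdscan itself fails (clamd stopped, for instance) looks the same as a clean run. The following added example, which is not part of the original tutorial, classifies a run from clamdscan's exit status and the report format shown earlier; the function names and the sample report lines are made up for illustration.

```bash
#!/bin/bash
# Added example: report-only companion to the cron script above.
# clamdscan exit status: 0 = no virus found, 1 = virus(es) found,
# 2 = an error occurred (for example clamd is not running).

# Print the path of each infected file from a clamdscan report on stdin.
# Lines look like "<path>: <signature> FOUND"; only that trailing suffix is
# stripped, so paths containing ": " or the word FOUND are handled.
infected_files() {
    sed -n 's/: [^ ]* FOUND$//p'
}

# Classify one run. $1 = clamdscan exit status, $2 = captured report file.
scan_verdict() {
    case "$1" in
        0) echo "CLEAN" ;;
        1) echo "INFECTED:$(infected_files < "$2" | wc -l | tr -d ' ')" ;;
        *) echo "SCAN-ERROR:$1" ;;   # must be reported, not treated as clean
    esac
}

# Real use (needs clamdscan and a running clamd); $1 = directory to scan.
run_scan() {
    report=$(mktemp) || return 2
    rc=0
    clamdscan "$1" > "$report" 2>&1 || rc=$?
    scan_verdict "$rc" "$report"
    infected_files < "$report"
    rm -f "$report"
}

# Demo on constructed report text (not output captured from a real host).
demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' \
        '/root/eicar.com: Eicar-Test-Signature FOUND' \
        '/root/FOUND in notes.txt: OK' \
        '----------- SCAN SUMMARY -----------' \
        'Infected files: 1' > "$tmp"
    scan_verdict 1 "$tmp"     # one infected file
    : > "$tmp"                # clamd down: empty report, exit status 2
    scan_verdict 2 "$tmp"
    rm -f "$tmp"
}
demo
```

In a cron job, the verdict line from run_scan can be piped to mail whenever it is anything other than CLEAN, so scan failures reach root as well as detections.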

With the free, open source Clam AntiVirus, our free Linux system gains a good deal of extra protection without spending any money, which is surely a good thing.
