Home > Industries > Software
Recently found a server poisoning, manual to Avira will always be missing, finally installed the Linux antivirus software ClamAV, the use is good.
Environment:
Linux 6.8
Version:
Clamav-0.99.2.tar.gz
Dependency Relationship:
Yum install pcre* zlib zlib-devel libssl-devel Libssl
OpenSSL version 0.9.8 or higher
I. Installation CLAMAV
There are two ways of installing:
1.yum Installation
With Epel source for installation, but need to network to line (but can be poisoned also generally have outside network)
After installation, the service files are generated automatically, and after starting the service, you can use the CLAMDSACN command to scan faster.
When the service is started, the scan connection is monitored in real time, although security is high, but may have an impact on server performance.
Download Install Epel.repo file
Linux6 and 7 general, 6 will be prompted to find some components
| 1 | #yum install clamav clamav-server clamav-data clamav-update clamav-filesystem clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd |
After this method is installed, the default address of the virus library is/var/lib/clamav
2. Source code Installation
Need to manually compile the installation, although the installation does not need to network, but update the virus database or need networking
Do not start the service after installation, you cannot use the CLAMDSACN command, you can use the Clamscan command, the scanning speed is relatively slow
Official website Download ClamAV
| 123456 | #tar zxvf clamav-0.99.2.tar.gz#cd clamav-0.99.2#要带pcre,要不然执行clamscan会报错#./configure --prefix=/usr/local/clamav --with-pcre#make#make install |
Configuration file (Yum installs most of the steps can be omitted, will be created automatically)
| 12345 | #cd /usr/local/clamav/etc/#cp clamd.conf.sample clamd.conf#cp freshclam.conf.sample freshclam.conf注释掉clamd.conf和freshclam.conf中的# Example 注释掉这一行. 第8 行 |
#创建用户, create a directory where the virus library is stored
| 123 | # useradd clamav -s /sbin/nologin# mkdir-p /usr/local/clamav/share/clamav# chownclamav:clamav /usr/local/clamav/share/clamav |
Second, update the virus database
Perform the update command to download the virus database
#/opt/clamav/bin/freshclam
It's generally not downloaded.
You can wget to the local.
| 123456 | #cd /usr/local/clamav/share/clamav#wget http://database.clamav.net/main.cvd#wget http://database.clamav.net/daily.cvd#wget http://database.clamav.net/bytecode.cvd# chownclamav:clamav * |
Third, the command scan
ClamAV has two commands: Clamdscan, Clamscan
Clamdscan commands are generally installed in Yum to use, need to start CLAMD service, fast execution speed
Clamscan commands are generic, do not rely on services, command parameters are more, execution speed is slightly slower
Clamdscan:
| 123 | #service clamd start用clamdscan扫描,需要开始服务才能使用。速度快,不用带-r,默认会递归扫描子目录#clamdscan /usr |
Clamscan:
With Clamscan scanning, you do not need to start the service to be able to use. Slow, with-R to recursively scan subdirectories
| 12 | #clamscan -r /usr这个命令不仅会显示找到的病毒,正常的扫描文件也会显示出来。 |
You can use the following command to display only the virus information found
| 1234 | # clamscan --no-summary -ri /tmp-r 递归扫描子目录-i 只显示发现的病毒文件--no-summary 不显示统计信息 |
You can write a script that uses this command to scan periodically, with a return value triggering an alarm.
Installation and use of anti-virus software ClamAV under Linux
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
