Linux distributions such as Ubuntu, Debian, Mint, Kali, Fedora, CentOS and RHEL are often considered virus-free and are advertised as such by open source advocates. This assumption is not strictly true, but it holds in general. Linux has far fewer viruses than Windows and macOS, but it is not fully secure against them. In this tutorial we will examine how to install ClamAV and use it to scan for, find and destroy viruses on Linux.
Install
We will look at how to install ClamAV on different distribution families. This installs the command-line tools for updating the virus signature database and the scanner.
Ubuntu, Debian, Mint, Kali
As always, we start with the deb-based distributions.
$ sudo apt install clamav clamtk
Fedora
Recent versions use only dnf as the package manager, so we will use dnf to install clamav.
$ sudo dnf install clamav clamtk
RHEL, CentOS
Our old friend yum is the package manager we will use to install clamav.
$ sudo yum install clamav clamtk
Clamtk Graphical User Interface
As stated previously, we also installed the clamtk package, which provides a GUI for ClamAV. It provides the following basic configuration areas for ClamAV:
- Configuration
- History
- Updates
- Analysis
Update Virus Database Signatures
One of the most important things about antivirus software is keeping the virus database up to date. We can update the virus database from Updates.
Scan A File
We will start by scanning a file, which can be done from the "Scan a file" menu.
As we can see, ClamAV has found nothing.
Scan A Directory
We can also scan a directory for viruses. We just select the directory we want to scan. In this example we will scan the Downloads directory, which holds external and potentially suspicious files downloaded from the web.
Historical Scans
We can list and see information about historical scans. Clicking History lists the dates of past scans.
Then we select the date we want to view and click View, which opens a new window.
Quarantine
If any malware or virus was detected in previous scans, it will have been put into Quarantine. We can list and view quarantined items by clicking Quarantine, which is empty for now.
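The same update, directory scan and quarantine steps can be run with the command-line tools that the clamav package installs. This is an added example, not part of the original tutorial; the quarantine path, the function names and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: update signatures, scan a directory, quarantine detections.
# QUARANTINE_DIR and all function names are assumptions of this example.
QUARANTINE_DIR="${QUARANTINE_DIR:-$HOME/clamav-quarantine}"

# Constructed sample of clamscan output, showing what infected_files extracts.
SAMPLE_OUTPUT="/home/user/Downloads/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/home/user/Downloads/eicar.com: moved to '/home/user/clamav-quarantine/eicar.com'
/home/user/Downloads/report.pdf: OK
----------- SCAN SUMMARY -----------
Infected files: 1"

# clamscan exit codes: 0 = no virus found, 1 = virus found, anything else = error.
verdict_from_status() {
  case "$1" in
    0) echo clean ;;
    1) echo infected ;;
    *) echo error ;;
  esac
}

# Read clamscan output on stdin and print only the paths that were flagged.
# Detection lines have the form: /path/to/file: Signature.Name FOUND
infected_files() {
  sed -n 's/^\(.*\): .* FOUND$/\1/p'
}

scan_dir() {
  target="$1"
  # Keep quarantined samples in a directory only the owner can read.
  mkdir -p "$QUARANTINE_DIR" && chmod 700 "$QUARANTINE_DIR" || return 2
  # freshclam can fail when the clamav-freshclam service already holds its
  # lock; the scan then runs with the signatures already on disk.
  sudo freshclam || echo "warning: freshclam failed, using existing signatures" >&2
  out="$(clamscan --recursive --infected --move="$QUARANTINE_DIR" "$target")"
  status=$?
  verdict="$(verdict_from_status "$status")"
  echo "verdict: $verdict"
  if [ "$verdict" = infected ]; then
    echo "moved to $QUARANTINE_DIR from:"
    printf '%s\n' "$out" | infected_files
  fi
  return "$status"
}

# Run only when a directory is given, e.g.: sh scan.sh "$HOME/Downloads"
if [ "$#" -gt 0 ]; then
  scan_dir "$1"
fi
```

The script returns clamscan's own exit status, so a cron job or CI step can treat 1 as a detection and any other non-zero value as a scan error.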