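1. Introduction
ClamAV is an open-source antivirus program.
2. Installing ClamAV
Before installing ClamAV, make sure SELinux is turned off (the commands below switch it to permissive mode):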
[root@localhost ~]# setenforce 0
[root@localhost ~]# sed -i 's/^SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config
-
Install the third-party repository
The default CentOS repositories do not include the ClamAV packages.
[root@localhost ~]# yum -y install epel-release
[root@localhost ~]# yum clean all && yum makecache
-
Install ClamAV
[root@localhost ~]# yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
-
Edit the ClamAV configuration file
[root@localhost ~]# vi /etc/clamd.d/scan.conf
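Find the following line: #LocalSocket /var/run/clamd.scan/clamd.sock
Remove the # character and save your change.
Run the daemon as the root user, so that clamd can read every file it is asked to scan: User root
[root@localhost ~]# sed -i -e "s/^Example/#Example/" /etc/freshclam.conf # comment out the Example line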
-
Update the virus database
[root@localhost ~]# freshclam
ClamAV update process started at Fri Jan 26 15:59:29 2024
daily database available for update (local version: 27075, remote version: 27165)
……
tabase test passed.
daily.cld updated (version: 27165, sigs: 2051569, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg
-
Start the clamd service and enable it at boot
[root@localhost ~]# systemctl start clamd@scan
[root@localhost ~]# systemctl enable clamd@scan
-
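Scanning for viruses
clamdscan
Generally only available when ClamAV was installed with yum; requires the clamd service to be running; fast. clamdscan does not need -r, because it scans recursively by default.
clamscan
General-purpose. Does not depend on the service; has more options; somewhat slower.
-r
Recursively scan subdirectories
-i
Only show infected files
--no-summary
Do not print the summary
Scan all files under /etc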
[root@localhost ~]# clamdscan /etc
/etc: OK
----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.345 sec (0 m 0 s)
Start Date: 2024:01:26 16:18:16
End Date: 2024:01:26 16:18:17
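The following is an added example, not part of the original article: a small POSIX shell wrapper that makes a scan usable from a cron job by reading the scanner's exit status (0 = no virus found, 1 = virus found, 2 = error) and the `FOUND` lines in its output. The sample output, paths and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): interpret a clamdscan/clamscan run.

# Constructed sample output with one detection and one unreadable file.
SAMPLE_OUTPUT='/srv/upload/report.pdf: OK
/srv/upload/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/srv/upload/locked.bin: Access denied. ERROR

----------- SCAN SUMMARY -----------
Infected files: 1
Total errors: 1
Time: 0.345 sec (0 m 0 s)'

# Read scanner output on stdin; print each path reported as "<path>: <signature> FOUND".
infected_paths() {
    sed -n 's/^\(.*\): .* FOUND$/\1/p'
}

# Read scanner output on stdin; print the summary count (prints nothing with --no-summary).
infected_count() {
    sed -n 's/^Infected files: \([0-9][0-9]*\)$/\1/p'
}

# Map the scanner's exit status to a verdict: 0 clean, 1 virus found, anything else error.
verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Scan one directory with clamdscan and report; returns the scanner's exit status.
scan_dir() {
    out=$(clamdscan "$1" 2>&1) && rc=0 || rc=$?
    printf '%s\n' "$out" | infected_paths | while IFS= read -r f; do
        echo "INFECTED: $f"
    done
    echo "$1: $(verdict "$rc") (exit $rc)"
    return "$rc"
}

# Only scan when a directory is given, e.g. ./scan.sh /etc
if [ $# -gt 0 ]; then
    scan_dir "$1"
fi
```

An exit status of 2 means the scan did not complete cleanly (for example, clamd is not running or a file could not be read), so a scheduled job should treat it as a failure and not as "no virus found".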
Reference: https://www.cnblogs.com/wulm/p/17384109.html