ClamAV antivirus software
Installation
Installing from source
Not covered in detail here; choose the configure options yourself.
./configure
make
make install
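Installing with yum
# Save the repo definition into /etc/yum.repos.d/ (a .repo file is not an RPM package)
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo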
yum install -y clamav
For other OS versions, find a suitable yum repository yourself.
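Configuration
Private virus signature database
Download script
The URLs in urls.txt can also be replaced with downloads from http://database.clamav.net/
Downloading from it requires setting a "user_agent"; the other site does not need one.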
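#!/bin/bash
date=$(date +'%F')
logfile='/opt/scripts/logs/wget_clamav.log'
user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36"
# -N re-downloads a file only when the remote copy is newer; -a appends wget's output to the log
# Used by Zabbix monitoring: the success line is written only when wget exits with status 0
if /bin/wget --user-agent="$user_agent" -i /opt/scripts/urls.txt -N -P /opt/web/clamav/ -a "$logfile"; then
    echo "$date Download Success" >> "$logfile"
fi
# Rotate the log by appending the date to its name
mv "$logfile" "$logfile-$date"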
urls.txt (read by the script above)
https://pivotal-clamav-mirror.s3.amazonaws.com/main.cvd
https://pivotal-clamav-mirror.s3.amazonaws.com/daily.cvd
https://pivotal-clamav-mirror.s3.amazonaws.com/bytecode.cvd
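An integrity check that could run after the download script and before the files are served from the mirror, as an added example that is not part of the original page: it parses the 512-byte CVD header and compares its MD5 field with the MD5 of the file body. The function names check_cvd and make_sample_cvd and the sample file are assumptions constructed for this illustration.

```shell
#!/bin/bash
# CVD header: 512 bytes, space-padded, colon-separated fields:
#   ClamAV-VDB:build time:version:sig count:f-level:MD5 of body:dsig:builder:stime

# Return 0 and print a summary if the header parses and the body MD5 matches.
check_cvd() {
    local file="$1" header magic btime version sigs flevel md5 rest actual n
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    header=$(head -c 512 "$file" | tr -d '\0')
    IFS=: read -r magic btime version sigs flevel md5 rest <<EOF
$header
EOF
    if [ "$magic" != "ClamAV-VDB" ]; then
        echo "not a CVD (bad magic): $file" >&2
        return 1
    fi
    for n in "$version" "$sigs" "$flevel"; do
        case $n in ''|*[!0-9]*) echo "bad numeric field: $file" >&2; return 1 ;; esac
    done
    # The body is everything after the 512-byte header.
    actual=$(tail -c +513 "$file" | md5sum | cut -d' ' -f1)
    if [ "$actual" != "$md5" ]; then
        echo "MD5 mismatch (truncated or altered download): $file" >&2
        return 1
    fi
    echo "$(basename "$file") version=$version sigs=$sigs"
}

# Constructed sample: writes a CVD-shaped file (not a real signature database).
make_sample_cvd() {
    local out="$1" body="$2" md5 hdr
    md5=$(printf '%s' "$body" | md5sum | cut -d' ' -f1)
    hdr="ClamAV-VDB:01 Jan 2024 00-00 +0000:1:3:90:$md5:constructed-dsig:example:0"
    printf '%-512s' "$hdr" > "$out"
    printf '%s' "$body" >> "$out"
}

# Demo on a constructed file
demo_dir=$(mktemp -d)
make_sample_cvd "$demo_dir/daily.cvd" "constructed signature body"
check_cvd "$demo_dir/daily.cvd"
rm -rf "$demo_dir"
```

The MD5 comparison only catches truncated or corrupted downloads; it does not verify the digital-signature field. On a host with ClamAV installed, sigtool --info on the file performs the full verification.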
nginx configuration
location / {
    root /opt/web/clamav;
}
/etc/freshclam.conf
UpdateLogFile /app/clam/logs/freshclam.log
DatabaseDirectory /var/lib/clamav
DatabaseOwner clamupdate
LogTime yes
ScriptedUpdates no
PrivateMirror 172.85.10.49
Scanning directories
clamscan --infected --exclude-dir="^/proc|^/sys|^/run|^/dev" -r / -l /app/clam/logs/clamscan.log
Scheduled tasks
Sync the virus signature database daily
20 1 * * * freshclam --quiet
Scan directories daily
clamscan --infected --exclude-dir="^/proc|^/sys|^/run|^/dev" -r / -l /app/clam/logs/clamscan.log
If you are interested, you can go on to look at OSSEC HIDS, a host-based intrusion detection system.