linux杀毒软件ClamAV的安装使用
yum安装
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo ##epel源 yum install -y clamav
编译安装
1.安装依赖环境
yum install -y zlib openssl-devel yum groupinstall -y "Development Tools"
apt install -y zlib1g zlib1g.dev openssl vim build-essential libssl-dev #ubuntu/debian安装
2.安装clamav软件包
wget http://www.clamav.net/downloads/production/clamav-0.101.0.tar.gz tar zxvf clamav-0.101.0.tar.gz cd clamav-0.101.0 ./configure --prefix=/usr/local/clamav make && make install
3.修改配置文件
cp /usr/local/clamav/etc/clamd.conf.sample /usr/local/clamav/etc/clamd.conf sed -i '8s/Example/#Example/g' /usr/local/clamav/etc/clamd.conf echo 'LogFile /usr/local/clamav/logs/clamd.log' >> /usr/local/clamav/etc/clamd.conf echo 'PidFile /usr/local/clamav/updata/clamd.pid' >> /usr/local/clamav/etc/clamd.conf echo 'DatabaseDirectory /usr/local/clamav/updata/clamav' >> /usr/local/clamav/etc/clamd.conf
cp /usr/local/clamav/etc/freshclam.conf.sample /usr/local/clamav/etc/freshclam.conf sed -i '8s/Example/#Example/g' /usr/local/clamav/etc/freshclam.conf echo 'DatabaseDirectory /usr/local/clamav/updata' >> /usr/local/clamav/etc/freshclam.conf echo 'UpdateLogFile /usr/local/clamav/logs/freshclam.log' >> /usr/local/clamav/etc/freshclam.conf echo 'PidFile /usr/local/clamav/updata/freshclam.pid' >> /usr/local/clamav/etc/freshclam.conf
4.创建用户
groupadd clamav
useradd -g clamav clamav
5.创建目录文件
mkdir /usr/local/clamav/logs mkdir /usr/local/clamav/updata
touch /usr/local/clamav/logs/freshclam.log chown clamav:clamav /usr/local/clamav/logs/freshclam.log touch /usr/local/clamav/logs/clamd.log chown clamav:clamav /usr/local/clamav/logs/clamd.log chown clamav:clamav /usr/local/clamav/updata
6.升级病毒库(需要服务器连通外网)
/usr/local/clamav/bin/freshclam
7.扫描病毒
/usr/local/clamav/bin/clamscan -r --bell -i /
clamscan常用参数
| -r/--recursive[=yes/no] | 所有文件 |
| --log=FILE/-l FILE | 增加扫描报告 |
| clamscan -l /var/log/clamscan.log / | |
| --move [路径] | 移动病毒文件至 |
| --remove [路径] | 删除病毒文件 |
| --quiet | 只输出错误消息 |
| --infected/-i | 只输出感染文件 |
| --suppress-ok-results/-o | 跳过扫描OK的文件 |
| --bell | 扫描到病毒文件发出警报声音 |
| --unzip(unrar) | 解压压缩文件扫描 |
