1. Installing the ClamAV antivirus software
2. Downloading the virus database
3. Starting the service
4. Removing viruses
5. Scheduled tasks
[root@localhost ~]# yum -y install epel-release
Running Transaction
  Installing : epel-release-6-8.noarch 1/1
  Verifying  : epel-release-6-8.noarch 1/1
Installed:
  epel-release.noarch 0:6-8
Complete!
[root@localhost ~]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/metalink | 7.7 kB 00:00
 * base: mirrors.aliyun.com
 * epel: mirrors.sohu.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
epel | 4.7 kB 00:00
epel/primary_db | 6.0 MB 00:04
repo id    repo name                                         status
base       CentOS-6 - Base                                   6,706
epel       Extra Packages for Enterprise Linux 6 - x86_64    12,448
extras     CentOS-6 - Extras                                 47
updates    CentOS-6 - Updates                                942
repolist: 20,143
[root@localhost ~]# yum -y install clamav-db clamav clamd
  Installing : clamav-db-0.99.2-3.el6.x86_64 1/3
  Installing : clamav-0.99.2-3.el6.x86_64 2/3
  Installing : clamd-0.99.2-3.el6.x86_64 3/3
  Verifying  : clamav-0.99.2-3.el6.x86_64 1/3
  Verifying  : clamd-0.99.2-3.el6.x86_64 2/3
  Verifying  : clamav-db-0.99.2-3.el6.x86_64 3/3
  clamav.x86_64 0:0.99.2-3.el6
  clamav-db.x86_64 0:0.99.2-3.el6
  clamd.x86_64 0:0.99.2-3.el6
[root@localhost ~]# cp /etc/freshclam.conf /etc/freshclam.conf.bak
[root@localhost ~]# sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
[root@localhost ~]# cp /etc/clamd.conf /etc/clamd.conf.bak
[root@localhost ~]# sed -i -e "s/^Example/#Example/" /etc/clamd.conf
[root@localhost ~]# vim /etc/freshclam.conf
DatabaseDirectory /var/lib/clamav
UpdateLogFile /var/log/clamav/freshclam.log
[root@localhost ~]# vim /etc/clamd.conf
LogFile /var/log/clamav/clamd.log
PidFile /var/run/clamav/clamd.pid
https://www.clamav.net/downloads
Download the three files main.cvd, daily.cvd and bytecode.cvd, then upload them to the /var/lib/clamav directory.
[root@localhost ~]# cd /var/lib/clamav/
[root@localhost clamav]# ll
total 158464
-rw-r--r-- 1 clam clam    153228 Jan 28 16:41 bytecode.cvd
-rw-r--r-- 1 clam clam  44204264 Jan 28 16:41 daily.cvd
-rw-r--r-- 1 root root 117892267 Jan 28 16:44 main.cvd
[root@localhost ~]# freshclam
[root@localhost ~]# service clamd start
[root@localhost ~]# netstat -nltup |grep clamd
tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 3238/clamd
[root@localhost ~]# chkconfig clamd on
[root@localhost ~]# clamdscan -V
ClamAV 0.99.2/24263/Sun Jan 28 17:24:50 2018
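1. Full-system scan: # clamscan -r /
2. Delete infected files as soon as they are found (use with caution): # clamscan -r / --remove
3. Move infected files to the /tmp directory as soon as they are found: # clamscan -r / --move=/tmp
4. Write a scan log file: # clamscan /tmp/1.txt -l /var/log/clamscan.log
5. Common options:
(1) --quiet: print only error messages
(2) -i | --infected: print only infected files
(3) --remove[=yes/no(*)]: remove infected files
(4) --move=DIRECTORY: move infected files to the specified directory
(5) --copy=DIRECTORY: copy infected files to the specified directory
(6) --exclude=REGEX: do not scan files that match the regular expression
(7) --exclude-dir=REGEX: do not scan directories that match the regular expression
(8) --include=REGEX: scan only files that match the regular expression
(9) --include-dir=REGEX: scan only directories that match the regular expression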
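Notes
Basic format
* * * * * command
Column 1 is the minute, 1~59; every minute is written as * or */1
Column 2 is the hour, 1~23 (0 means midnight)
Column 3 is the day of the month, 1~31
Column 4 is the month, 1~12
Column 5 is the day of the week, 0~6 (0 means Sunday)
Column 6 is the command to run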
[root@localhost ~]# crontab -e
00 23 * * 6 /usr/bin/clamscan --infected -r / -l /var/log/clamscan.log
[root@localhost ~]# crontab -l -u root
0 23 * * 6 /usr/bin/clamscan --infected -r / -l /var/log/clamscan.log
[root@localhost ~]# service crond restart
[root@localhost ~]# chkconfig crond on
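
The cron job above writes /var/log/clamscan.log, but nothing reads it. The following is an added example, not part of the original article: a shell helper that lists the detections in a clamscan log and flags a log with no scan summary (an interrupted scan). The function names and the sample log are constructed for illustration, and the log is assumed to hold a single scan run.

```shell
#!/bin/sh
# Added example: triage a clamscan log such as /var/log/clamscan.log.
# triage() mirrors clamscan's exit codes: 0 clean, 1 detections, 2 problem.
# Assumption: the log holds one scan run. Function names are hypothetical.

# Print "path<TAB>signature" for each "<path>: <signature> FOUND" line.
list_infected() {
    awk '/ FOUND$/ {
        sub(/ FOUND$/, "")
        i = match($0, /: [^:]*$/)      # the last ": " splits path from signature
        if (i) printf "%s\t%s\n", substr($0, 1, i - 1), substr($0, i + 2)
    }' "$1"
}

# Print the "Infected files:" value from the scan summary, or nothing if absent.
summary_count() {
    awk -F': ' '/^Infected files: / { n = $2 } END { if (n != "") print n }' "$1"
}

triage() {
    log=$1
    [ -r "$log" ] || { echo "cannot read $log" >&2; return 2; }
    found=$(list_infected "$log" | wc -l | tr -d ' ')
    total=$(summary_count "$log")
    if [ -z "$total" ]; then
        echo "no scan summary in $log" >&2
        return 2
    fi
    [ "$found" -gt 0 ] || [ "$total" -gt 0 ] || return 0
    list_infected "$log"
    return 1
}

# Constructed sample log, not output from the host in the article.
make_sample_log() {
    cat <<'EOF'
/tmp/eicar.com: Eicar-Test-Signature FOUND
/home/user/odd: name.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Scanned files: 340
Infected files: 2
Time: 12.345 sec (0 m 12 s)
EOF
}

demo=$(mktemp) && make_sample_log > "$demo"
triage "$demo"; echo "triage exit status: $?"
rm -f "$demo"
```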