一、自动安装
yum install clamav
病毒库默认地址是/var/lib/clamav
二、编译安装
1.下载
wget http://www.clamav.net/downloads/production/clamav-0.101.2.tar.gz
2.创建clamav用户和存放病毒库目录
clamav用户和用户组
groupadd clamav && useradd -g clamav clamav && id clamav
日志存放目录
mkdir -p /usr/local/clamav/logs touch /usr/local/clamav/logs/clamd.log touch /usr/local/clamav/logs/freshclam.log chown clamav.clamav /usr/local/clamav/logs/clamd.log chown clamav.clamav /usr/local/clamav/logs/freshclam.log
病毒存放目录
mkdir -p /usr/local/clamav/updata chown -R root.clamav /usr/local/clamav/ chown -R clamav.clamav /usr/local/clamav/updata/
3.解压安装包
tar xf clamav-0.101.2.tar.gz
4.安装依赖
yum install gcc openssl openssl-devel -y
5.编译安装
cd clamav-0.100.0/ ./configure --prefix=/usr/local/clamav --with-pcre make && make install echo $?
6.配置clamav
cd /usr/local/clamav/etc cp clamd.conf.sample clamd.conf cp freshclam.conf.sample freshclam.conf
vim clamd.conf
Example 注释掉这一行.
添加下面三行:
LogFile /usr/local/clamav/logs/clamd.log
PidFile /usr/local/clamav/updata/clamd.pid
DatabaseDirectory /usr/local/clamav/updata
vim freshclam.conf
Example 注释掉这一行.
添加下面三行
DatabaseDirectory /usr/local/clamav/updata
UpdateLogFile /usr/local/clamav/logs/freshclam.log
PidFile /usr/local/clamav/updata/freshclam.pid
7.启动clamav
chown -R clamav.clamav /usr/local/clamav/ systemctl start clamav-freshclam.service systemctl enable clamav-freshclam.service systemctl status clamav-freshclam.service
8.更新病毒库
先停止freshclam
systemctl stop clamav-freshclam.service
再更新
/usr/local/clamav/bin/freshclam
如果更新不成功还可以,也无法下载的话就用本机电脑浏览器下载cvd文件再上传到服务器
cd /usr/local/clamav/share/clamav wget http://database.clamav.net/main.cvd wget http://database.clamav.net/daily.cvd wget http://database.clamav.net/bytecode.cvd
更新完成启动
systemctl start clamav-freshclam.service systemctl status clamav-freshclam.service
创建软链接
ln -s /usr/local/clamav/bin/clamscan /usr/local/sbin/clamscan
9.扫描杀毒
clamscan:
通用,不依赖服务,命令参数较多,执行速度稍慢;
用clamscan扫描,不需要开始服务就能使用;
-r 递归扫描子目录
-i 只显示发现的病毒文件
--no-summary 不显示统计信息
扫描参数:
-r/--recursive[=yes/no] 所有文件
--log=FILE/-l FILE 增加扫描报告
--move [路径] 移动病毒文件至..
--remove [路径] 删除病毒文件
--quiet 只输出错误消息
--infected/-i 只输出感染文件
--suppress-ok-results/-o 跳过扫描OK的文件
--bell 扫描到病毒文件发出警报声音
--unzip(unrar) 解压压缩文件扫描
clamscan -r --bell -i / #扫描所有文件并且显示有问题的文件的扫描结果clamscan -r --bell -i / #只显示找到的病毒信息clamscan --no-summary -ri /tmp #扫描homeclamscan --infected --remove --recursive /home
评论 (0)