Clam AntiVirus是一个类UNIX系统上使用的反病毒软件包.主要应用于邮件服务器,采用多线程后台操作,可以自动升级病毒库.
1.软件安装
[[email protected] ~]# yum install clamav clamav-db clamav-devel clamav-milter -y
[[email protected] ~]# vim /etc/clamd.conf
LogFile /var/log/clamav/clamd.log #去掉以下注释
LogFileMaxSize 100M #日志文件的大小
LogTime yes #日志记录时间
LogRotate yes #日志轮回
PidFile /var/run/clamav/clamd.pid #PID文件存放
[[email protected] ~]# /etc/init.d/clamd restart
Stopping Clam AntiVirus Daemon: [ OK ]
Starting Clam AntiVirus Daemon: [ OK ]
[[email protected] ~]# /etc/init.d/clamav-milter restart
Stopping Clamav Milter Daemon: [ OK ]
Starting Clamav Milter Daemon: [ OK ]
[[email protected] ~]#
2.升级病毒库
[[email protected] ~]# freshclam
ClamAV update process started at Mon May 16 17:21:02 2016
WARNING: Can‘t query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Reading CVD header (main.cvd):
OK
main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
Reading CVD header (daily.cvd): OK
daily.cld is up to date (version: 21555, sigs: 143628, f-level: 63, builder: neo)
Reading CVD header (bytecode.cvd): OK
bytecode.cvd is up to date (version: 277, sigs: 47, f-level: 63, builder: neo)
[[email protected] ~]#
3.检查病毒
[[email protected] apr-1.5.2]# clamscan --log=1.log #检查当前目录下的所有文件,记录日志
[[email protected] apr-1.5.2]# clamscan -r . #检查当前目录的所有文件和文件夹
[[email protected] apr-1.5.2]# clamscan -r . --remove=[yes|no] #如果发现有病毒就删除
[[email protected] apr-1.5.2]# clamscan -r . --copy=/tmp #如果发现有病毒就复制到目标目录中
[[email protected] apr-1.5.2]# clamscan -r . --move=/tmp #如果发现有病毒就移动到目标目录中
4.每天检查系统是否有病毒
[[email protected] apr-1.5.2]# crontab -l
00 23 * * * /usr/bin/freshclam
30 23 * * * /usr/bin/clamscan -r /home --remove -l /tmp/clamscan-`date +%Y-%m-%d`.log
[[email protected] apr-1.5.2]#