April 23, 2014
 

Installation order

clamav cannot be installed first; it depends on clamav-db, so install clamav-db first
Error: Package: clamav-0.98.1-1.el6.rf.x86_64 (/clamav-0.98.1-1.el6.rf.x86_64)
Requires: clamav-db
[root@ftp ~]# yum install clamav-db-0.98.1-1.el6.rf.x86_64.rpm

Then install clamav
[root@ftp ~]# yum install clamav-0.98.1-1.el6.rf.x86_64.rpm

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
clamav x86_64 0.98.1-1.el6.rf /clamav-0.98.1-1.el6.rf.x86_64 7.1
Installing for dependencies:
libtool-ltdl x86_64 2.2.6-15.5.el6 base 44 k

Transaction Summary
================================================================================
Install 2 Package(s)

Then install clamd
[root@ftp ~]# yum install clamd-0.98.1-1.el6.rf.x86_64.rpm

[root@ftp ~]# chkconfig --list clamd
clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@ftp ~]#

Start the clamd service
[root@ftp ~]# service clamd start
Starting Clam AntiVirus Daemon: [ OK ]
[root@ftp ~]#
The configuration file that controls virus database updates
[root@ftp ~]# vi /etc/freshclam.conf

Run the first virus database update
[root@ftp ~]# freshclam
ClamAV update process started at Wed Apr 23 11:37:39 2014
Downloading main-55.cdiff [ 92%]
[root@ftp ~]# freshclam
ClamAV update process started at Wed Apr 23 11:55:26 2014
main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
daily.cvd is up to date (version: 18847, sigs: 904742, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 236, sigs: 43, f-level: 63, builder: dgoddard)
[root@ftp ~]#

First scan
[root@ftp ~]# clamscan install.log
install.log: OK

----------- SCAN SUMMARY -----------
Known viruses: 3323604
Engine version: 0.98.1
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.02 MB
Data read: 0.01 MB (ratio 2.00:1)
Time: 42.104 sec (0 m 42 s)
[root@ftp ~]#

[root@ftp ~]# clamscan -r /ftpmount/hoyopay/www/
The -r option recurses into subdirectories

Virus scanning is a CPU-intensive operation
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
9060 root 20 0 290m 153m 332 R 26.4 64.2 0:10.72 clamscan
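The five binary RPM packages (the NOKEY warnings below mean the signing key 6b8d79e6 has not been imported, so rpm cannot verify the package signatures)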
[root@ftp ~]# rpm -lpq clamav-0.98.1-1.el6.rf.x86_64.rpm
warning: clamav-0.98.1-1.el6.rf.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 6b8d79e6: NOKEY
/etc/freshclam.conf
/usr/bin/clambc
/usr/bin/clamscan
/usr/bin/freshclam
/usr/bin/sigtool
/usr/lib64/libclamav.so
/usr/lib64/libclamav.so.6
/usr/lib64/libclamav.so.6.1.20
/usr/lib64/libclamunrar.so
/usr/lib64/libclamunrar.so.6
/usr/lib64/libclamunrar.so.6.1.20
/usr/lib64/libclamunrar_iface.so
/usr/lib64/libclamunrar_iface.so.6
/usr/lib64/libclamunrar_iface.so.6.1.20
/usr/share/doc/clamav-0.98.1
/usr/share/doc/clamav-0.98.1/AUTHORS
/usr/share/doc/clamav-0.98.1/BUGS
/usr/share/doc/clamav-0.98.1/COPYING
/usr/share/doc/clamav-0.98.1/ChangeLog
/usr/share/doc/clamav-0.98.1/FAQ
/usr/share/doc/clamav-0.98.1/INSTALL
/usr/share/doc/clamav-0.98.1/NEWS
/usr/share/doc/clamav-0.98.1/README
/usr/share/doc/clamav-0.98.1/clamav-mirror-howto.pdf
/usr/share/doc/clamav-0.98.1/clamdoc.pdf
/usr/share/doc/clamav-0.98.1/freshclam.conf.sample
/usr/share/doc/clamav-0.98.1/phishsigs_howto.pdf
/usr/share/doc/clamav-0.98.1/signatures.pdf
/usr/share/man/man1/clambc.1.gz
/usr/share/man/man1/clamscan.1.gz
/usr/share/man/man1/freshclam.1.gz
/usr/share/man/man1/sigtool.1.gz
/usr/share/man/man5/freshclam.conf.5.gz

[root@ftp ~]# rpm -lpq clamav-db-0.98.1-1.el6.rf.x86_64.rpm
warning: clamav-db-0.98.1-1.el6.rf.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 6b8d79e6: NOKEY
/etc/cron.daily/freshclam
/etc/logrotate.d/freshclam
/var/clamav
/var/clamav/daily.cvd
/var/clamav/main.cvd
/var/log/clamav
/var/log/clamav/freshclam.log

[root@ftp ~]# rpm -lpq clamav-devel-0.98.1-1.el6.rf.x86_64.rpm
warning: clamav-devel-0.98.1-1.el6.rf.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 6b8d79e6: NOKEY
/usr/bin/clamav-config
/usr/include/clamav.h
/usr/lib64/pkgconfig/libclamav.pc

[root@ftp ~]# rpm -lpq clamav-milter-0.98.1-1.el6.rf.x86_64.rpm
warning: clamav-milter-0.98.1-1.el6.rf.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 6b8d79e6: NOKEY
/etc/clamav-milter.conf
/etc/rc.d/init.d/clamav-milter
/etc/sysconfig/clamav-milter
/usr/sbin/clamav-milter
/usr/share/doc/clamav-milter-0.98.1
/usr/share/doc/clamav-milter-0.98.1/clamav-milter.conf.sample
/usr/share/man/man5/clamav-milter.conf.5.gz
/usr/share/man/man8/clamav-milter.8.gz

[root@ftp ~]# rpm -lpq clamd-0.98.1-1.el6.rf.x86_64.rpm
warning: clamd-0.98.1-1.el6.rf.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 6b8d79e6: NOKEY
/etc/clamd.conf
/etc/logrotate.d/clamav
/etc/rc.d/init.d/clamd
/usr/bin/clamconf
/usr/bin/clamdscan
/usr/bin/clamdtop
/usr/sbin/clamd
/usr/share/doc/clamd-0.98.1
/usr/share/doc/clamd-0.98.1/clamd.conf.sample
/usr/share/man/man1/clambc.1.gz
/usr/share/man/man1/clamconf.1.gz
/usr/share/man/man1/clamdscan.1.gz
/usr/share/man/man1/clamdtop.1.gz
/usr/share/man/man5/clamd.conf.5.gz
/usr/share/man/man8/clamd.8.gz
/var/clamav
/var/log/clamav
/var/log/clamav/clamd.log
/var/run/clamav
Recursively scan the specified directory and files, showing only suspicious files
[root@ftp ~]# clamscan -ir /ftpmount/company/www/

----------- SCAN SUMMARY -----------
Known viruses: 3323604
Engine version: 0.98.1
Scanned directories: 66
Scanned files: 790
Infected files: 0
Data scanned: 13.83 MB
Data read: 9.53 MB (ratio 1.45:1)
Time: 40.235 sec (0 m 40 s)
[root@ftp ~]#

Addendum 2014-06-20

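Manually scan a specified directory and its files

# /usr/local/clamav/bin/clamscan -r /usr/local/apache/htdocs

Scheduled scan that writes a separate scan log (recording only suspicious files and the summary)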

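05 2 */2 * * clamav /usr/local/clamav/bin/clamscan -r -i /usr/local/apache/htdocs > /usr/local/clamav/log/scan.$(date +\%Y\%m\%d)

In cron, $(date +\%Y\%m\%d) is equivalent to `date +\%Y\%m\%d`; the % characters are escaped as \% because cron treats an unescaped % as a newline. The sixth field (clamav) is the user to run as, which applies to /etc/crontab and /etc/cron.d entries.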
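An added example, not part of the original post: the scheduled job above writes a dated log, but nothing reads it, and a scan that dies part-way (clamscan used 64.2% of memory in the top output earlier) leaves a log that looks clean. The functions below triage such a log and treat a missing SCAN SUMMARY as a failure; the sample log, the function names and the detected path are constructed for illustration.

```shell
#!/bin/sh
# Triage a log written by "clamscan -r -i" (detections plus summary only).
# SAMPLE_LOG is constructed sample data, not output from the page's server.
SAMPLE_LOG='/usr/local/apache/htdocs/upload/test.txt: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 3323604
Engine version: 0.98.1
Scanned directories: 66
Scanned files: 790
Infected files: 1
Data scanned: 13.83 MB
Time: 40.235 sec (0 m 40 s)'

# Print the "Infected files" count from the summary; prints nothing when the
# summary is absent (scan killed, disk full, log truncated).
infected_count() {
    printf '%s\n' "$1" |
        sed -n 's/^Infected files: \([0-9][0-9]*\)$/\1/p' | tail -n 1
}

# Print one "signature|path" line per detection. The greedy first group keeps
# paths that themselves contain ": " intact.
found_files() {
    printf '%s\n' "$1" | sed -n 's/^\(.*\): \(.*\) FOUND$/\2|\1/p'
}

# Return 0 = clean, 1 = detections present, 2 = no summary (do not trust log).
triage_log() {
    count=$(infected_count "$1")
    [ -n "$count" ] || return 2
    [ "$count" -eq 0 ] || return 1
    return 0
}

# Demo on the constructed sample. For a real log file (path is an assumption):
#   triage_log "$(cat /usr/local/clamav/log/scan.20140620)"
rc=0
triage_log "$SAMPLE_LOG" || rc=$?
echo "status=$rc infected=$(infected_count "$SAMPLE_LOG")"
found_files "$SAMPLE_LOG"
```

clamscan itself exits 0 when nothing is found, 1 when a virus is found and 2 on errors, so a cron wrapper can check the exit status as well as the log.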

 
