How to install ClamAV on CentOS 7 to scan for and remove viruses
1. Install EPEL
yum install epel-release
2. Update the package repository
yum update
3. Confirm that the ClamAV packages are available in the repository
yum list | grep clamav
4. Install the ClamAV packages found in step 3
yum install -y clamav clamav-devel clamav-scanner-systemd clamav-update clamav-data clamav-server clamav-server-systemd clamav-scanner
5. Configure SELinux so that ClamAV is allowed to scan the system
setsebool -P antivirus_can_scan_system 1
setsebool -P antivirus_use_jit 1
6. Update the virus signature database
freshclam
7. Run a test scan
clamscan -r /var/www/html
8. Install the graphical interface
(1) Download clamtk https://dave-theunsub.github.io/clamtk/
e.g. clamtk-5.25-1.el7.noarch.rpm
wget https://bitbucket.org/davem_/clamtk/downloads/clamtk-5.25-1.el7.noarch.rpm
(2) Install it; reference: https://github.com/dave-theunsub/clamtk/blob/master/README.md
yum install clamtk-5.25-1.el7.noarch.rpm
9. Configure /etc/clamd.d/scan.conf
(1) Back up the file
cp /etc/clamd.d/scan.conf /etc/clamd.d/scan.conf-10707190020
(2) Find the Example line and put a # in front of it
(3) Enable logging
LogFile /var/log/clamd.scan
(4) Enable timestamps on log messages
LogTime yes
(5) Enable LocalSocket
LocalSocket /var/run/clamd.scan/clamd.sock
(6) Enable ExtendedDetectionInfo
ExtendedDetectionInfo yes
(7) Enable PidFile
PidFile /var/run/clamd.scan/clamd.pid
(8) Create the clamd log file
touch /var/log/clamd.scan
chown clamscan:clamscan /var/log/clamd.scan
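Added example (not part of the original guide): a shell check that the step 9 edits are actually in effect in scan.conf before clamd@scan is started. The function name check_scan_conf and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# check_scan_conf FILE
# Prints one line per problem; returns 0 if clean, 1 if problems, 2 if unreadable.
check_scan_conf() {
    conf=$1
    problems=0
    if [ ! -r "$conf" ]; then
        echo "cannot read $conf"
        return 2
    fi
    # Step 9 (2): an uncommented "Example" line stops clamd from starting.
    if grep -Eq '^[[:space:]]*Example([[:space:]]|$)' "$conf"; then
        echo "Example line is still active"
        problems=1
    fi
    # Step 9 (3)-(7): each directive must appear on an uncommented line with
    # the value from the guide. The last uncommented occurrence is compared.
    while read -r key want; do
        got=$(awk -v k="$key" '$1 == k { v = $2 } END { print v }' "$conf")
        if [ "$got" != "$want" ]; then
            echo "$key: expected '$want', found '${got:-<unset>}'"
            problems=1
        fi
    done <<'EOF'
LogFile /var/log/clamd.scan
LogTime yes
LocalSocket /var/run/clamd.scan/clamd.sock
ExtendedDetectionInfo yes
PidFile /var/run/clamd.scan/clamd.pid
EOF
    return "$problems"
}

# Constructed sample: step 9 only partly applied (LogTime left commented out).
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Example
LogFile /var/log/clamd.scan
#LogTime yes
LocalSocket /var/run/clamd.scan/clamd.sock
ExtendedDetectionInfo yes
PidFile /var/run/clamd.scan/clamd.pid
EOF
check_scan_conf "$sample" || echo "scan.conf needs fixing"
rm -f "$sample"
```

On a real host, call check_scan_conf /etc/clamd.d/scan.conf after editing the file.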
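10. Set the e-mail account that is notified by the automatic signature update; the default is root (in the MAILTO line below, 新帳號 stands for the new account)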
vi /etc/cron.d/clamav-update
MAILTO=新帳號
11. Enable automatic start at boot
systemctl enable clamd@scan
12. Start clamd
systemctl start clamd@scan
13. Set up a daily automatic scan of the home directories, saving the log to /var/log/clamscan_daily.log
(1) vi /etc/cron.daily/clamscan_daily.sh
/usr/bin/clamscan -i -r /home >> /var/log/clamscan_daily.log
(2) Change the permissions
chmod 755 /etc/cron.daily/clamscan_daily.sh
(3) Test run
sh /etc/cron.daily/clamscan_daily.sh
14. Other: check the configuration file
clamd -c /etc/clamd.d/scan.conf
If the clamav installed through yum is an old version, see the following URL for how to install a newer version
https://www.clamav.net/documents/upgrading-clamav