Clam AntiVirus是一个类UNIX系统上使用的反病毒软件包.主要应用于邮件服务器,采用多线程后台操作,可以自动升级病毒库.
1.软件安装
[root@node3 ~]# yum install clamav clamav-db clamav-devel clamav-milter -y
[root@node3 ~]# vim /etc/clamd.conf
LogFile /var/log/clamav/clamd.log #去掉以下注释
LogFileMaxSize 100M #日志文件的大小
LogTime yes #日志记录时间
LogRotate yes #日志轮回
PidFile /var/run/clamav/clamd.pid #PID文件存放
[root@node3 ~]# /etc/init.d/clamd restart
Stopping Clam AntiVirus Daemon: [ OK ]
Starting Clam AntiVirus Daemon: [ OK ]
[root@node3 ~]# /etc/init.d/clamav-milter restart
Stopping Clamav Milter Daemon: [ OK ]
Starting Clamav Milter Daemon: [ OK ]
[root@node3 ~]#
2.升级病毒库
[root@node3 ~]# freshclam
ClamAV update process started at Mon May 16 17:21:02 2016
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Reading CVD header (main.cvd):
OK
main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
Reading CVD header (daily.cvd): OK
daily.cld is up to date (version: 21555, sigs: 143628, f-level: 63, builder: neo)
Reading CVD header (bytecode.cvd): OK
bytecode.cvd is up to date (version: 277, sigs: 47, f-level: 63, builder: neo)
[root@node3 ~]#
3.检查病毒
[root@node3 apr-1.5.2]# clamscan --log=1.log #检查当前目录下的所有文件,记录日志
[root@node3 apr-1.5.2]# clamscan -r . #检查当前目录的所有文件和文件夹
[root@node3 apr-1.5.2]# clamscan -r . --remove=[yes|no] #如果发现有病毒就删除
[root@node3 apr-1.5.2]# clamscan -r . --copy=/tmp #如果发现有病毒就复制到目标目录中
[root@node3 apr-1.5.2]# clamscan -r . --move=/tmp #如果发现有病毒就移动到目标目录中
4.每天检查系统是否有病毒
[root@node3 apr-1.5.2]# crontab -l
00 23 * * * /usr/bin/freshclam
30 23 * * * /usr/bin/clamscan -r /home --remove -l /tmp/clamscan-`date +%Y-%m-%d`.log
[root@node3 apr-1.5.2]#
