一、下載安裝
1.下載
clamav官網:http://www.clamav.net/downloads,最新穩定版是0.100.2。 點擊這里下載或者wget直接下載源碼包。
wget https://www.clamav.net/downloads/production/clamav-0.102.0.tar.gz (下載可能有問題,windows下載上傳)
2.解壓
tar -zxf clamav-0.102.2.tar.gz
3.編譯安裝
cd clamav-0.102.2
./configure --prefix=/usr/local/clamav
make
make install
出現錯誤:
Your libcurl (e.g. libcurl-devel) is too old. Installing ClamAV with clamonacc requires libcurl 7.45 or higher. For a quick fix, run ./configure again with
--disable-clamonacc if you do not wish to use on-access scanning features. For more information on ClamAV's on-access scanner, please read our documentation:
https://www.clamav.net/documents/on-access-scanning#on-access-scanning
1、安裝repo
rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/rhel7/x86_64/city-fan.org-release-2-1.rhel7.noarch.rpm
2、查看該 repo 包含的 curl 版本
yum --showduplicates list curl --disablerepo="*" --enablerepo="city*"
Loaded plugins: fastestmirror city-fan.org | 3.0 kB 00:00:00 city-fan.org-debuginfo | 3.0 kB 00:00:00 city-fan.org-source | 3.0 kB 00:00:00 (1/3): city-fan.org-debuginfo/7/primary_db | 39 kB 00:00:02 (2/3): city-fan.org-source/7/primary_db | 344 kB 00:00:03 (3/3): city-fan.org/7/primary_db | 489 kB 00:00:03 Loading mirror speeds from cached hostfile * city-fan.org: nervion.us.es * city-fan.org-debuginfo: www.city-fan.org * city-fan.org-source: nervion.us.es Installed Packages curl.x86_64 7.29.0-42.el7 @anaconda Available Packages curl.x86_64 7.62.0-1.0.cf.rhel7 city-fan.org
3、修改該repo的enable為1
vim /etc/yum.repos.d/city-fan.org.repo [city-fan.org] name=city-fan.org repository for Red Hat Enterprise Linux (and clones) $releasever ($basearch) #baseurl=http://mirror.city-fan.org/ftp/contrib/yum-repo/rhel$releasever/$basearch mirrorlist=http://mirror.city-fan.org/ftp/contrib/yum-repo/mirrorlist-rhel$releasever enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-city-fan.org
4、安裝最新的curl
yum install curl
Error: Package: libcurl-7.65.1-1.0.cf.rhel7.x86_64 (city-fan.org) Requires: libnghttp2.so.14()(64bit)
yum install epel-release -y
yum --enablerepo=epel install libnghttp2 -y && yum install libcurl -y
4.添加用戶組和組成員groupadd clamav
useradd -g clamav clamav
二、配置
1.創建日志目錄和病毒庫目錄
mkdir /usr/local/clamav/logs -p
mkdir /usr/local/clamav/updata -p
2. 創建日志文件
touch /usr/local/clamav/logs/clamd.log
touch /usr/local/clamav/logs/freshclam.log
3. 文件授權
chown clamav:clamav /usr/local/clamav/logs/clamd.log chown clamav:clamav /usr/local/clamav/logs/freshclam.log chown clamav:clamav /usr/local/clamav/updata
4. 修改配置文件
cp /usr/local/clamav/etc/clamd.conf.sample /usr/local/clamav/etc/clamd.conf
cp /usr/local/clamav/etc/freshclam.conf.sample /usr/local/clamav/etc/freshclam.conf
編輯這兩個配置文件內容
vim /usr/local/clamav/etc/clamd.conf #Example //注釋掉這一行 #添加以下內容 LogFile /usr/local/clamav/logs/clamd.log PidFile /usr/local/clamav/updata/clamd.pid DatabaseDirectory /usr/local/clamav/updata
vim /usr/local/clamav/etc/freshclam.conf #Example //注釋掉這一行 #添加以下內容 DatabaseDirectory /usr/local/clamav/updata UpdateLogFile /usr/local/clamav/logs/freshclam.log PidFile /usr/local/clamav/updata/freshclam.pid
三、執行
1. 更新病毒庫
/usr/local/clamav/bin/freshclam
2.殺毒掃描
參數:
-r 遞歸掃描子目錄
-i 只顯示發現的病毒文件
–no-summary 不顯示統計信息
用法:
--幫助
/usr/local/clamav/bin/clamscan --help
--默認掃描當前目錄下的文件,並顯示掃描結果統計信息
/usr/local/clamav/bin/clamscan
--掃描當前目錄下的所有目錄和文件,並顯示結果統計信息
/usr/local/clamav/bin/clamscan -r
--掃描data目錄下的所有目錄和文件,並顯示結果統計信息
/usr/local/clamav/bin/clamscan -r /data
--掃描data目錄下的所有目錄和文件,只顯示有問題的掃描結果
/usr/local/clamav/bin/clamscan -r --bell -i /data
--掃描data目錄下的所有目錄和文件,不顯示統計信息
/usr/local/clamav/bin/clamscan --no-summary -ri /data
例如:
/usr/local/clamav/bin/clamscan -r /data
一般使用計划任務,讓服務器每天定時更新和定時殺毒,保存殺毒日志。設置crontab定時任務。
1 3 * * * /usr/local/clamav/bin/freshclam --quiet 20 3 * * * /usr/local/clamav/bin/clamscan -r /home --remove -l /var/log/clamscan.log