
CentOS/Building a Virus Scanning System

From 站長百科

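Many of the antivirus products available for UNIX are commercial. As on Windows, the quality of an antivirus product depends on the size of its virus database and on how quickly that database is updated. Here we use the free software Clam AntiVirus to build a virus scanning system on Linux. To rule out problems later, be sure to build the virus scanning system before the server is made public.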

Installing Clam AntiVirus

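Clam AntiVirus is not in the official CentOS yum repositories, so installing it with yum requires an unofficial repository to be defined. First confirm that the corresponding repository file exists.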

[root@sample ~]# ls -l /etc/yum.repos.d/dag.repo  ← confirm that the repository file exists

-rw-r--r-- 1 root root 143 Oct 1 21:33 /etc/yum.repos.d/dag.repo  ← confirm that it exists (otherwise clamd cannot be installed with yum)

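If the dag.repo file above does not exist, Clam AntiVirus cannot be installed with yum and the unofficial repository has to be defined first. The dag.repo file you define must also be syntactically correct.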
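One way to check a repository file before installing from it, as an added example that is not part of the original page. The function names, the sample repository and its `example.invalid` URLs are constructed for illustration, and the insistence on an explicit per-repository `gpgcheck=1` and `gpgkey` is this example's assumption.

```bash
#!/bin/bash
# Added example: audit a yum .repo file before installing from it.
# check_repo FILE prints one line per problem; returns 0 if none, 1 otherwise.
check_repo() {
    local file=$1 bad=0
    [ -r "$file" ] || { echo "cannot read $file"; return 1; }
    # Each repository definition starts with a [section] header
    grep -Eq '^\[[^]]+][[:space:]]*$' "$file" || { echo "no [section] header"; bad=1; }
    # yum needs a package source
    grep -Eq '^(baseurl|mirrorlist)[[:space:]]*=' "$file" ||
        { echo "no baseurl or mirrorlist"; bad=1; }
    # Valid lines: blank, comment, header, key=value, indented continuation
    if grep -Evq '^([[:space:]].*|[#;].*|\[[^]]+][[:space:]]*|[A-Za-z0-9_]+[[:space:]]*=.*)?$' "$file"; then
        echo "malformed line"; bad=1
    fi
    # Assumption of this example: signature checking is set per repository
    grep -Eq '^gpgcheck[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$file" ||
        { echo "gpgcheck is not 1"; bad=1; }
    grep -Eq '^gpgkey[[:space:]]*=[[:space:]]*[^[:space:]]' "$file" ||
        { echo "no gpgkey"; bad=1; }
    return "$bad"
}

# Constructed sample files (hypothetical repository, placeholder URLs)
make_samples() {
    SAMPLE_DIR=$(mktemp -d)
    cat > "$SAMPLE_DIR/good.repo" <<'EOF'
[example]
name=Example third-party repository
baseurl=http://repo.example.invalid/el4/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://repo.example.invalid/RPM-GPG-KEY.example.txt
EOF
    cat > "$SAMPLE_DIR/bad.repo" <<'EOF'
[example
name=Example third-party repository
baseurl http://repo.example.invalid/el4/$basearch/
gpgcheck=0
EOF
}

make_samples
for f in good bad; do
    echo "== $f.repo"
    check_repo "$SAMPLE_DIR/$f.repo" || true
done
rm -rf "$SAMPLE_DIR"
```
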

Then install Clam AntiVirus online with yum.

[root@sample ~]# yum -y install clamd  ← install Clam AntiVirus online
Setting up Install Process
Setting up repositories
dag 100% |=========================| 1.1 kB 00:00
update 100% |=========================| 951 B 00:00
base 100% |=========================| 1.1 kB 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
primary.xml.gz 100% |=========================| 1.6 MB 00:08
dag : ################################################## 4610/4610
Added 4610 new packages, deleted 0 old in 94.91 seconds
primary.xml.gz 100% |=========================| 103 kB 00:05
update : ################################################## 256/256
Added 56 new packages, deleted 0 old in 4.25 seconds
Reducing Dag RPM Repository for Red Hat Enterprise Linux to included packages only
Finished
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamd to pack into transaction set.
clamd-0.88.4-1.el4.rf.i38 100% |=========================| 5.3 kB 00:00
---> Package clamd.i386 0:0.88.4-1.el4.rf set to be updated
--> Running transaction check
--> Processing Dependency: clamav = 0.88.4-1.el4.rf for package: clamd
--> Processing Dependency: libclamav.so.1 for package: clamd
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav to pack into transaction set.
clamav-0.88.4-1.el4.rf.i3 100% |=========================| 8.1 kB 00:00
---> Package clamav.i386 0:0.88.4-1.el4.rf set to be updated
--> Running transaction check
--> Processing Dependency: clamav-db = 0.88.4-1.el4.rf for package: clamav
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav-db to pack into transaction set.
clamav-db-0.88.4-1.el4.rf 100% |=========================| 3.2 kB 00:00
---> Package clamav-db.i386 0:0.88.4-1.el4.rf set to be updated
--> Running transaction check
Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
clamd i386 0.88.4-1.el4.rf dag 64 k
Installing for dependencies:
clamav i386 0.88.4-1.el4.rf dag 724 k
clamav-db i386 0.88.4-1.el4.rf dag 5.6 M

Transaction Summary
=============================================================================
Install 3 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 6.4 M
Downloading Packages:
(1/3): clamd-0.88.4-1.el4 100% |=========================| 64 kB 00:01
(2/3): clamav-0.88.4-1.el 100% |=========================| 724 kB 00:04
(3/3): clamav-db-0.88.4-1 100% |=========================| 5.6 MB 00:25
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: clamav-db ######################### [1/3]
Installing: clamav ######################### [2/3]
Installing: clamd ######################### [3/3]

Installed: clamd.i386 0:0.88.4-1.el4.rf
Dependency Installed: clamav.i386 0:0.88.4-1.el4.rf clamav-db.i386 0:0.88.4-1.el4.rf
Complete!   ← installation finished

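Configuring Clam AntiVirus

Next, configure Clam AntiVirus.

[root@sample ~]# vi /etc/clamd.conf  ← edit the clamd configuration file

ArchiveBlockMax  ← find this line and put "#" at the start of it (so that large archives are not treated as infected files)
 ↓
#ArchiveBlockMax  ← the line becomes this

User clamav  ← find this line and put "#" at the start of it (do not run under an ordinary user account; clamd then runs as root)
 ↓
#User clamav  ← the line becomes this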

Running Clam AntiVirus

Start Clam AntiVirus and set it to start automatically at boot.

[root@sample ~]# chkconfig clamd on   ← set it to start when the system boots

[root@sample ~]# chkconfig --list clamd
clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off  ← runlevels 2 to 5 should all be "on"

[root@sample ~]# /etc/rc.d/init.d/clamd start  ← start the clamd service (run Clam AntiVirus)

Starting Clam AntiVirus Daemon:      [ OK ]  ← started successfully

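Updating the Clam AntiVirus virus database

Update the virus database immediately after installation so that the latest viruses can be detected.

[root@sample ~]# freshclam  ← update the ClamAV virus database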

ClamAV update process started at Fri Aug 25 18:39:26 2006
Downloading main.cvd [*]
main.cvd updated (version: 40, sigs: 64138, f-level: 8, builder: tkojm)
Downloading daily.cvd [*]
daily.cvd updated (version: 1728, sigs: 2565, f-level: 8, builder: ccordes)
Database updated (66703 signatures) from db.cn.clamav.net (IP: 58.221.253.171)
Clamd successfully notified about the update.

Virus scanning

Next, test the virus scan. For this test we download virus test files.

[root@sample ~]# clamdscan  ← run a virus scan

/root: OK
----------- SCAN SUMMARY -----------
Infected files: 0  ← no virus found
Time: 5.074 sec (0 m 5 s)

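[root@sample ~]# wget http://www.eicar.org/download/eicar.com  ← download an infected test file

[root@sample ~]# wget http://www.eicar.org/download/eicar_com.zip  ← download an infected test file

Then run the virus scan again. With the "remove" option added, infected files are deleted automatically when a virus is found.

[root@sample ~]# clamdscan --remove  ← scan again, this time with the remove option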

/root/eicar.com: Eicar-Test-Signature FOUND  ← infected file found
/root/eicar.com: Removed.  ← infected file deleted
/root/eicar_com.zip: Eicar-Test-Signature FOUND  ← infected file found
/root/eicar_com.zip: Removed.  ← infected file deleted
----------- SCAN SUMMARY -----------
Infected files: 2 
Time: 2.201 sec (0 m 2 s)

Running the virus scan periodically

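[root@sample ~]# vi scan.sh  ← create the automatic scan script, as follows:
#!/bin/bash
# Scan / through clamd, delete infected files, and mail any detections to root

PATH=/usr/bin:/bin
CLAMSCANTMP=$(mktemp) || exit 1
# Remove the temporary report on exit, even if the script is interrupted
trap 'rm -f "$CLAMSCANTMP"' EXIT
clamdscan --recursive --remove / > "$CLAMSCANTMP"
# Send mail only when the report contains detection lines (ending in "FOUND")
if grep -q 'FOUND$' "$CLAMSCANTMP"; then
    grep 'FOUND$' "$CLAMSCANTMP" | mail -s "Virus Found in $(hostname)" root
fi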

[root@sample ~]# chmod 700 scan.sh  ← make the script executable

[root@sample ~]# crontab -e   ← edit the cron table and add the following line

00 03 * * * /root/scan.sh   ← add this line so that the scan runs at 3:00 every day
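The scheduled script mails only when the report contains FOUND lines, so a scan that never ran (for example because clamd is stopped) looks the same as a clean one. The following added example, which is not part of the original page, uses the clamdscan exit status (0 no virus found, 1 virus found, 2 error) to tell the three outcomes apart; the function names and the sample report are constructed for illustration.

```bash
#!/bin/bash
# Added example: interpret a clamdscan run instead of only grepping for FOUND.
# clamdscan exit status: 0 = no virus found, 1 = virus(es) found, 2 = error.

# scan_verdict RC REPORT -> prints "clean", "infected <n>" or "error"
scan_verdict() {
    local rc=$1 report=$2 hits
    [ -r "$report" ] || { echo error; return 0; }
    hits=$(grep -c ' FOUND$' "$report" || true)
    case "$rc" in
        0) if [ "$hits" -eq 0 ]; then echo clean; else echo "infected $hits"; fi ;;
        1) echo "infected $hits" ;;
        *) echo error ;;   # e.g. clamd is not running, so nothing was scanned
    esac
}

# detections REPORT -> one "signature path" pair per detection line
detections() {
    sed -n 's/^\(.*\): \([^ ]*\) FOUND$/\2 \1/p' "$1"
}

# alert_subject VERDICT HOST -> mail subject, or nothing when no mail is due
alert_subject() {
    case "$1" in
        infected*) echo "Virus Found in $2" ;;
        error)     echo "Virus scan FAILED on $2" ;;
    esac
}

# write_sample FILE -> constructed report, modelled on the output shown above
write_sample() {
    cat > "$1" <<'EOF'
/root/eicar.com: Eicar-Test-Signature FOUND
/root/eicar.com: Removed.
/root/eicar_com.zip: Eicar-Test-Signature FOUND
/root/eicar_com.zip: Removed.
----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

report=$(mktemp)
write_sample "$report"
verdict=$(scan_verdict 1 "$report")   # in scan.sh: scan_verdict $? "$CLAMSCANTMP"
echo "$verdict"; detections "$report"
alert_subject "$verdict" sample
echo "daemon down -> $(scan_verdict 2 /dev/null): $(alert_subject error sample)"
rm -f "$report"
```
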

References

http://www.centospub.com/make/antivirus.html
