centos7上安裝殺毒軟件 clamAV

Install and Configure ClamAV on CentOS 7

 

yum install -y epel-release

yum install -y clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

 

修改配置文件

cp /etc/clamd.d/scan.conf /etc/clamd.d/scan.conf.backup

sed -i ‘/^Example/d’ /etc/clamd.d/scan.conf

sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

 

vim /etc/clamd.d/scan.conf

User clamscan

LocalSocket /var/run/clamd.scan/clamd.sock

 

cp /etc/freshclam.conf /etc/freshclam.conf.bak

sed -i ‘/^Example/d’ /etc/freshclam.conf

 

更新病毒庫

freshclam

 

設置按期更新病毒庫（可選）

crontab -e

00 01,13 * * * /usr/bin/freshclam --quiet

 

由於freshclam不是系統服務，可新建以下

vim /usr/lib/systemd/system/freshclam.service

[Unit]

Description = freshclam scanner

After = network.target

 

[Service]

Type = forking

ExecStart = /usr/bin/freshclam -d -c 2   #一天更新兩次

Restart = on-failure

PrivateTmp = true

 

[Install]

WantedBy=multi-user.target

 

systemctl enable freshclam.service

systemctl start freshclam.service

systemctl status freshclam.service

 

啓動查殺服務

 

systemctl enable clamd@scan.service

systemctl start clamd@scan.service

systemctl status clamd@scan.service

 

查看clamAV的配置信息：

clamconf

 

 

測試一下：下載個含病毒的文件並殺掉

wget http://www.eicar.org/download/eicar_com.zip

clamscan --infected --remove --recursive .

clamscan --infected --remove --recursive . ./eicar_com.zip: Eicar-Test-Signature FOUND ./eicar_com.zip: Removed.

removed說明可用

 

 

查殺兩個目錄

clamscan --infected --remove --recursive /home /root

 

掃描整個系統

clamscan --infected --recursive --exclude-dir="^/sys" /