[Linux] Anti-virus Clamav - iZero

Installation de l’anti-virus Clamav

Version de l’OS	Centos 6.8 – 7.3 / Ubuntu 16.04 – 18.04
Version de Clamav	0.99

Pré-requis

Dépôt epel pour Centos

Centos

Installer le repo EPEL

$ sudo yum install epel-release -y

1	$ sudo yum install epel-release -y

Installation du paquet clamav

$ sudo yum install clamav clamd

1	$ sudo yum install clamav clamd

Démarrer le service et le rendre automatique

$ sudo service clamd start
$ sudo chkconfig clamd on

1 2	$ sudo service clamd start $ sudo chkconfig clamd on

Mettre a jour les définitions

$ sudo /usr/bin/freshclam

1	$ sudo /usr/bin/freshclam

Automatisation d’un scan journalier

Création du script
SCAN_DIR correspond au répertoire a scanner
LOG_FILE le fichier de log du scan

$ sudo vim /etc/cron.daily/scan_auto_clamav

1	$ sudo vim /etc/cron.daily/scan_auto_clamav

#!/bin/bash
SCAN_DIR="/home"
LOG_FILE="/var/log/clamav/scan_auto_clamav.log"
/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE

#!/bin/bash

SCAN_DIR="/home"

LOG_FILE="/var/log/clamav/scan_auto_clamav.log"

/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE

rendre exécutable le script

$ sudo chmod +x /etc/cron.daily/scan_auto_clamav

1	$ sudo chmod +x /etc/cron.daily/scan_auto_clamav

Done!

Ubuntu

Installation de la source

$ sudo apt-get install clamav clamav-daemon

1	$ sudo apt-get install clamav clamav-daemon

Mettre a jour la base virale

$ sudo freshclam

1	$ sudo freshclam

ClamAV update process started at Wed Mar 29 19:35:21 2017
main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
daily.cld is up to date (version: 23248, sigs: 1930982, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 291, sigs: 55, f-level: 63, builder: neo)

ClamAV update process started at Wed Mar 29 19:35:21 2017

main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)

daily.cld is up to date (version: 23248, sigs: 1930982, f-level: 63, builder: neo)

bytecode.cvd is up to date (version: 291, sigs: 55, f-level: 63, builder: neo)

/!\ si vous rencontrez l’erreur “ERROR: /var/log/clamav/freshclam.log is locked by another process” c’est que le process est en cours. il faut donc le rechercher et le tuer.

$ sudo ps aux | grep freshclam

1	$ sudo ps aux \| grep freshclam

clamav 998 0.0 0.2 134136 17616 ? Ss 18:31 0:00 /usr/bin/<span style="color: #ff0000;">freshclam</span> -d --foreground=true
bef 6585 0.0 0.0 14264 936 pts/17 S+ 18:35 0:00 grep --color=auto <span style="color: #ff0000;">freshclam</span>

1 2	clamav 998 0.0 0.2 134136 17616 ? Ss 18:31 0:00 /usr/bin/<span style="color: #ff0000;">freshclam</span> -d --foreground=true bef 6585 0.0 0.0 14264 936 pts/17 S+ 18:35 0:00 grep --color=auto <span style="color: #ff0000;">freshclam</span>

Puis

$ sudo kill -9 998

1	$ sudo kill -9 998

$ sudo killall freshclam

1	$ sudo killall freshclam

c’est déjà prêt !
pour faire un scan lancer la commande clamscan -r suivie du répertoire a scanner (/, home, download … )
le -r pour la récursivité

$ clamscan -r /home

1	$ clamscan -r /home

cela renvoie

----------- SCAN SUMMARY -----------
Known viruses: 6144113
Engine version: 0.99.2
Scanned directories: 251
Scanned files: 1296
Infected files: 0
Total errors: 27
Data scanned: 32.97 MB
Data read: 17.11 MB (ratio 1.93:1)
Time: 24.762 sec (0 m 24 s)

----------- SCAN SUMMARY -----------

Known viruses: 6144113

Engine version: 0.99.2

Scanned directories: 251

Scanned files: 1296

Infected files: 0

Total errors: 27

Data scanned: 32.97 MB

Data read: 17.11 MB (ratio 1.93:1)

Time: 24.762 sec (0 m 24 s)

Pour faire un scan journalier a 10h30

$ crontab -e

1	$ crontab -e

$ 30 10 * * * clamscan -r /repertoireascanner

1	$ 30 10 * * * clamscan -r /repertoireascanner

Pour utiliser une interface graphique, il faut installer le paquet clamtk

$ sudo apt install clamtk

1	$ sudo apt install clamtk

Ce qui donnera

Articles lus : 2 171

No votes yet.

Please wait...

Voting is currently disabled, data maintenance in progress.

Laisser un commentaire Annuler la réponse