2015年6月10日水曜日

clamav

https://wiki.archlinux.org/index.php/ClamAV をみて

1) pacman -S clamav

2) freshclam

3)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/lib/clamav/clamd.sock: No such file or directory
がでたので
 
# touch /var/lib/clamav/clamd.sock
# chown clamav:clamav /var/lib/clamav/clamd.sock
 
4)もう一度 freshclam すると
 ClamAV update process started at Wed Jun 10 01:33:35 2015
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
daily.cvd is up to date (version: 20557, sigs: 1423118, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 256, sigs: 45, f-level: 63, builder: dgoddard)


5)で


wget -O- http://www.eicar.org/download/eicar.com.txt | clamscan -


したら 


 


 


stdin: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 3841799
Engine version: 0.98.7
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 40.088 sec (0 m 40 s)


なって clamscan の テストはOK。




 


6)# systemctl start clamd
Job for clamd.service failed. See "systemctl status clamd.service" and "journalctl -xe" for details.


といけない。








 


今 /etc/clamav/freshclam.conf は


DatabaseMirror database.clamav.net
NotifyClamd /etc/clamav/clamd.conf


 

また 今 /etc/clamav/clamd.conf は


LogFile /var/log/clamav/clamd.log
LogTime yes
PidFile /run/clamav/clamd.pid
TemporaryDirectory /tmp
LocalSocket /var/lib/clamav/clamd.sock
User clamav


 


 


しかし 再起動して


systemctl start clamd

がうまく動かない。


 






 




で clamd , clamdscan は 今はあきらめて


 


 


 


 


clamscan.bat (clamscanは遅いのですが)



 


 http://www.cloud-memo.com/2014/04/clamscan.html  をみて


 




#!/bin/sh
## Scan
clamscan -ri $1    > /var/log/clamav/scan.log
## Mail Send
cat /var/log/clamav/scan.log | mail -s "Scan Report" root@localhost
exit



 


 


 


 


 


 


 


http://www.kernel-panic.it/openbsd/mail/mail6.html
をみて


 


 





/etc/freshclam.conf




# Comment or remove the line below.
#Example
DatabaseDirectory /var/db/clamav
DatabaseOwner  _clamav
DNSDatabaseInfo  current.cvd.clamav.net
DatabaseMirror  db.it.clamav.net
DatabaseMirror  database.clamav.net
MaxAttempts  3
checks   24
















/etc/clamd.conf



# Comment or remove the line below. 



#Example 



DatabaseDirectory  /var/db/clamav 



TCPAddr             127.0.0.1 



TCPSocket           3310 



User                _clamav 



LogSyslog           yes 



LogFacility         LOG_MAIL




 


pacman -S cronie




crontab -eを


16 * * * * /usr/bin/freshclam >/dev/null 2>&1


とする。




















投稿者



時刻:







































0 件のコメント:















コメントを投稿


























        

      









登録:
コメントの投稿 (Atom)