
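ClamAV is an open-source virus scanner written in C that detects trojans, viruses, malware and similar threats. Its virus database can be updated online. Linux sees relatively few viruses, but that does not make it immune; viruses carried in e-mail or archive files in particular are often harder to guard against, and this is where ClamAV is useful.

Basic information about ClamAV:

| Item | Details |
|---|---|
| Official site | http://www.clamav.net/ |
| Download | http://www.clamav.net/downloads |
| Current stable version | 0.99.2 |

Features

| Item | Details |
|---|---|
| Main use | Virus scanning on mail gateways, with built-in support for multiple mail formats |
| High performance | Provides a multi-threaded scanning process |
| Command line | Provides command-line scanning |
| Scan targets | Can scan outgoing mail or files |
| File formats | Supports many file formats |
| Database update frequency | The virus database is updated several times a day |
| Archives | Scans many archive formats, such as Zip, RAR, Dmg, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS |
| Documents | Supports popular document formats, such as MS Office files, MacOffice files, HTML, Flash, RTF, PDF |

Installation

| Item | Details |
|---|---|
| CentOS/RHEL | yum -y install clamav |
| Ubuntu/Debian | apt-get install clamav |

Note: on CentOS, clamd is provided through epel-release, so epel-release must be installed first.

For a source installation, once a C compiler, zlib and the other prerequisites are present, the usual ./configure, make, make install sequence on the source tree is all that is needed.

Installation log

```
[root@liumiaocn ~]# yum -y install epel-release
Loaded plugins: fastestmirror
…
 Package : centos-release-7-3.1611.el7.centos.x86_64 (@anaconda)
 From    : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : epel-release-7-9.noarch    1/1
  Verifying  : epel-release-7-9.noarch    1/1

Installed:
  epel-release.noarch 0:7-9

Complete!
[root@liumiaocn ~]#
```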
```
[root@liumiaocn ~]# yum -y install clamav
Loaded plugins: fastestmirror
…
Running transaction
  Installing : clamav-filesystem-0.99.2-8.el7.noarch    1/4
  Installing : clamav-data-0.99.2-8.el7.noarch          2/4
  Installing : clamav-lib-0.99.2-8.el7.x86_64           3/4
  Installing : clamav-0.99.2-8.el7.x86_64               4/4
  Verifying  : clamav-lib-0.99.2-8.el7.x86_64           1/4
  Verifying  : clamav-data-0.99.2-8.el7.noarch          2/4
  Verifying  : clamav-0.99.2-8.el7.x86_64               3/4
  Verifying  : clamav-filesystem-0.99.2-8.el7.noarch    4/4

Installed:
  clamav.x86_64 0:0.99.2-8.el7

Dependency Installed:
  clamav-data.noarch 0:0.99.2-8.el7
  clamav-filesystem.noarch 0:0.99.2-8.el7
  clamav-lib.x86_64 0:0.99.2-8.el7

Complete!
[root@liumiaocn ~]#
```

Version check

```
[root@liumiaocn ~]# clamscan --version
ClamAV 0.99.2/21723/Mon Jun 13 09:53:00 2016
[root@liumiaocn ~]#
```
Scanning

Running clamscan against a directory reports whether each file is OK and prints an overall scan summary, in which Infected files is the number of infected files found. The following example scans the files under /root and finds no infected files.

```
[root@liumiaocn ~]# clamscan /root
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
/root/.bash_logout: OK
/root/.bash_profile: OK
/root/.bashrc: OK
/root/.cshrc: OK
/root/.tcshrc: OK
/root/anaconda-ks.cfg: OK
/root/.bash_history: OK

----------- SCAN SUMMARY -----------
Known viruses: 4490129
Engine version: 0.99.2
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 19.365 sec (0 m 19 s)
[root@liumiaocn ~]#
```
Note: the warning "The virus database is older than 7 days!" appears because the virus database has not been updated. The default yum installation of the current version does not seem to install freshclam's database update function automatically; we will solve this later with a source installation.

Simulated virus file

Download a file from eicar.org that simulates a virus and see whether ClamAV detects it.

```
[root@liumiaocn ~]# wget http://www.eicar.org/download/eicar.com
--2017-08-02 23:03:10-- http://www.eicar.org/download/eicar.com
Resolving www.eicar.org (www.eicar.org)... 213.211.198.62
Connecting to www.eicar.org (www.eicar.org)|213.211.198.62|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 68 [application/octet-stream]
Saving to: ‘eicar.com’

100%[======>] 68 --.-K/s in 0s

2017-08-02 23:03:20 (318 KB/s) - ‘eicar.com’ saved [68/68]

[root@liumiaocn ~]# ls
anaconda-ks.cfg eicar.com
[root@liumiaocn ~]# pwd
/root
```

Rescan

Scan again to see whether the newly downloaded virus test file is detected. The result contains "/root/eicar.com: Eicar-Test-Signature FOUND" together with "Infected files: 1", which shows that the test file was detected.

```
[root@liumiaocn ~]# clamscan /root
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
/root/.bash_logout: OK
/root/.bash_profile: OK
/root/.bashrc: OK
/root/.cshrc: OK
/root/.tcshrc: OK
/root/anaconda-ks.cfg: OK
/root/.bash_history: OK
/root/eicar.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 4490129
Engine version: 0.99.2
Scanned directories: 1
Scanned files: 8
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 21.129 sec (0 m 21 s)
[root@liumiaocn ~]#
```
By default, however, clamscan only detects; it does not delete files automatically.

```
[root@liumiaocn ~]# ls
anaconda-ks.cfg eicar.com
[root@liumiaocn ~]#
```
Scan and delete infected files

The --remove option deletes detected files directly.

```
[root@liumiaocn ~]# clamscan --remove /root
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
/root/.bash_logout: OK
/root/.bash_profile: OK
/root/.bashrc: OK
/root/.cshrc: OK
/root/.tcshrc: OK
/root/anaconda-ks.cfg: OK
/root/.bash_history: OK
/root/eicar.com: Eicar-Test-Signature FOUND
/root/eicar.com: Removed.

----------- SCAN SUMMARY -----------
Known viruses: 4490129
Engine version: 0.99.2
Scanned directories: 1
Scanned files: 8
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 23.546 sec (0 m 23 s)
[root@liumiaocn ~]# ls
anaconda-ks.cfg
[root@liumiaocn ~]#
```

Installing from source

With the yum installation, the database update pieces still have to be handled manually, so a source installation is worth considering.

Download the source

| Item | Details |
|---|---|
| Download command | wget http://www.clamav.net/downloads/production/clamav-0.99.2.tar.gz |

Extract

| Item | Details |
|---|---|
| Extract command | tar xvpf clamav-0.99.2.tar.gz |
| Change directory | cd clamav-0.99.2 |

Build dependencies

| Item | Details |
|---|---|
| Install gcc | yum install gcc -y |
| Install openssl | yum install openssl openssl-devel -y |
| Create directory | mkdir -p /usr/local/clamav |

config, make, make install

| Item | Details |
|---|---|
| config | ./configure --prefix=/usr/local/clamav |
| make | make |
| make install | make install |

Post-installation check

```
[root@liumiaocn clamav-0.99.2]# ls /usr/local/clamav/bin
clamav-config clambc clamconf clamdscan clamscan freshclam sigtool
[root@liumiaocn clamav-0.99.2]# /usr/local/clamav/bin/clamscan --version
ClamAV 0.99.2
[root@liumiaocn clamav-0.99.2]#
```
Note: running a scan with clamscan at this point produces the following error.

```
[root@liumiaocn clamav-0.99.2]# /usr/local/clamav/bin/clamscan /root
LibClamAV Error: cl_load(): No such file or directory: /usr/local/clamav/share/clamav
ERROR: Can't get file status

----------- SCAN SUMMARY -----------
Known viruses: 0
Engine version: 0.99.2
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.002 sec (0 m 0 s)
[root@liumiaocn clamav-0.99.2]#
```
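A look at the source shows the cause is simple: a usable virus database has to be present, and the user and group permissions have to be set up as well. The overall sequence is:

| Item | Details |
|---|---|
| Step 1 | Create the user and group |
| Step 2 | Create the directories and set permissions |
| Step 3 | Copy and update the configuration files |
| Step 4 | Update the virus database |
| Step 5 | Scan for viruses |

Configuration

Step 1: Create the user and group

| Item | Details |
|---|---|
| Create the group | groupadd clamav |
| Create the user | useradd -g clamav clamav |

Step 2: Create the directories and set permissions

Create the directories

| Directory | Details |
|---|---|
| logs | Holds log files |
| database | Holds the updated virus database |
| worktmp | Holds temporary or state files such as pid files |

```
[root@liumiaocn clamav]# pwd
/usr/local/clamav
[root@liumiaocn clamav]# ls
bin etc include lib64 sbin share
[root@liumiaocn clamav]# mkdir -p logs database worktmp
[root@liumiaocn clamav]#
```

Set permissions

```
[root@liumiaocn clamav]# pwd
/usr/local/clamav
[root@liumiaocn clamav]# chown clamav:clamav database
[root@liumiaocn clamav]#
```

Step 3: Copy and update the configuration files

Copy the samples to create the configuration files

| Directory | Source file | Target file |
|---|---|---|
| /usr/local/clamav/etc | clamd.conf.sample | clamd.conf |
| /usr/local/clamav/etc | freshclam.conf.sample | freshclam.conf |

```
[root@liumiaocn etc]# pwd
/usr/local/clamav/etc
[root@liumiaocn etc]# cp clamd.conf.sample clamd.conf
[root@liumiaocn etc]# cp freshclam.conf.sample freshclam.conf
[root@liumiaocn etc]# ls
clamd.conf clamd.conf.sample freshclam.conf freshclam.conf.sample
[root@liumiaocn etc]#
```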
Create the database update log file

```
[root@liumiaocn etc]# touch /usr/local/clamav/logs/freshclam.log
[root@liumiaocn etc]# chown clamav:clamav /usr/local/clamav/logs/freshclam.log
[root@liumiaocn etc]#
```

Edit the files

```
[root@liumiaocn etc]# ls
clamd.conf clamd.conf.sample freshclam.conf freshclam.conf.sample
[root@liumiaocn etc]# vi clamd.conf
[root@liumiaocn etc]# vi freshclam.conf
[root@liumiaocn etc]# diff clamd.conf clamd.conf.sample
14c14
< LogFile /usr/local/clamav/logs/clamd.log
---
> #LogFile /tmp/clamd.log
66c66
< PidFile /var/clamav/worktmp/clamd.pid
---
> #PidFile /var/run/clamd.pid
74c74
< DatabaseDirectory /var/lib/clamav/database
---
> #DatabaseDirectory /var/lib/clamav
[root@liumiaocn etc]#
[root@liumiaocn etc]# diff freshclam.conf freshclam.conf.sample
8c8
< #Example
---
> Example
13c13
< DatabaseDirectory /usr/local/clamav/database/
---
> #DatabaseDirectory /var/lib/clamav
17c17
< UpdateLogFile /usr/local/clamav/logs/freshclam.log
---
> #UpdateLogFile /var/log/freshclam.log
51c51
< PidFile /usr/local/clamav/worktmp/freshclam.pid
---
> #PidFile /var/run/freshclam.pid
[root@liumiaocn etc]#
```
In fact, for this example it is enough for freshclam.conf to be set correctly for ClamAV to work properly.

Update the virus database

Once freshclam.conf is configured, the freshclam command downloads the virus database into the database directory over the network. The first update takes a little while.

```
[root@liumiaocn etc]# /usr/local/clamav/bin/freshclam
ClamAV update process started at Fri Aug 4 22:39:40 2017
Trying host database.clamav.net (69.12.162.28)...
Downloading main.cvd [100%]
main.cvd updated (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Downloading daily.cvd [100%]
daily.cvd updated (version: 23629, sigs: 1741893, f-level: 63, builder: neo)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 308, sigs: 66, f-level: 63, builder: anvilleg)
Database updated (6308208 signatures) from database.clamav.net (IP: 69.12.162.28)
[root@liumiaocn etc]#
```
After the update

```
[root@liumiaocn clamav]# pwd
/usr/local/clamav
[root@liumiaocn clamav]# ls database/
bytecode.cvd daily.cvd main.cvd mirrors.dat
[root@liumiaocn clamav]#
```
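As a check on the configuration edited in Step 3, the following added example (not code from the original post) lints clamd.conf and freshclam.conf: it flags a sample `Example` line left active, paths outside the install prefix, and a DatabaseDirectory that differs between the two files, as it does in the diffs above. The function names and the "everything lives under the prefix" convention are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post: lint clamd.conf and freshclam.conf.

# conf_value FILE KEY: print the value of the first uncommented "KEY value" line
# with trailing slashes removed; prints nothing when the key is unset.
conf_value() {
    awk -v k="$2" '$1 == k { $1 = ""; sub(/^ +/, ""); sub(/\/+$/, ""); print; exit }' "$1"
}

# check_clamav_conf CLAMD_CONF FRESHCLAM_CONF PREFIX
# Prints one line per finding; the exit status is the number of findings.
check_clamav_conf() (
    clamd=$1 fresh=$2 prefix=$3 n=0
    for f in "$clamd" "$fresh"; do
        # The shipped samples carry a bare "Example" line that must be commented out.
        if grep -q '^[[:space:]]*Example[[:space:]]*$' "$f"; then
            echo "$f: Example line is still active"; n=$((n + 1))
        fi
        for key in DatabaseDirectory PidFile LogFile UpdateLogFile; do
            v=$(conf_value "$f" "$key")
            case $v in
                '' | "$prefix"/*) ;;  # unset, or inside the install prefix
                *) echo "$f: $key $v is outside $prefix"; n=$((n + 1)) ;;
            esac
        done
    done
    d1=$(conf_value "$clamd" DatabaseDirectory)
    d2=$(conf_value "$fresh" DatabaseDirectory)
    if [ "$d1" != "$d2" ]; then
        echo "DatabaseDirectory differs: clamd='$d1' freshclam='$d2'"; n=$((n + 1))
    fi
    exit "$n"
)

# Constructed sample: the active lines from the two diffs on this page. "Example" stays
# active in clamd.conf because the clamd.conf diff shows no change to that line.
write_samples() {
    printf '%s\n' 'Example' 'LogFile /usr/local/clamav/logs/clamd.log' \
        'PidFile /var/clamav/worktmp/clamd.pid' \
        'DatabaseDirectory /var/lib/clamav/database' > "$1/clamd.conf"
    printf '%s\n' '#Example' 'DatabaseDirectory /usr/local/clamav/database/' \
        'UpdateLogFile /usr/local/clamav/logs/freshclam.log' \
        'PidFile /usr/local/clamav/worktmp/freshclam.pid' > "$1/freshclam.conf"
}

tmp=$(mktemp -d) && write_samples "$tmp"
check_clamav_conf "$tmp/clamd.conf" "$tmp/freshclam.conf" /usr/local/clamav ||
    echo "findings: $?"
rm -rf "$tmp"
```

The findings only matter for clamd and clamdscan; clamscan, which this walkthrough uses, does not read clamd.conf.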
Scan for viruses

Download the virus test file

```
[root@liumiaocn ~]# ls
anaconda-ks.cfg
[root@liumiaocn ~]# wget http://www.eicar.org/download/eicar.com
--2017-08-04 23:00:41-- http://www.eicar.org/download/eicar.com
Resolving www.eicar.org (www.eicar.org)... 213.211.198.62
Connecting to www.eicar.org (www.eicar.org)|213.211.198.62|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 68 [application/octet-stream]
Saving to: ‘eicar.com’

100%[======>] 68 --.-K/s in 0.001s

2017-08-04 23:00:43 (92.3 KB/s) - ‘eicar.com’ saved [68/68]

[root@liumiaocn ~]# ls
anaconda-ks.cfg eicar.com
[root@liumiaocn ~]#
```
Scan and delete infected files

```
[root@liumiaocn ~]# /usr/local/clamav/bin/clamscan --remove /root
/root/.bash_logout: OK
/root/.bash_profile: OK
/root/.bashrc: OK
/root/.cshrc: OK
/root/.tcshrc: OK
/root/anaconda-ks.cfg: OK
/root/.bash_history: OK
/root/eicar.com: Eicar-Test-Signature FOUND
/root/eicar.com: Removed.

----------- SCAN SUMMARY -----------
Known viruses: 6302548
Engine version: 0.99.2
Scanned directories: 1
Scanned files: 8
Infected files: 1
Data scanned: 0.01 MB
Data read: 0.00 MB (ratio 2.00:1)
Time: 22.310 sec (0 m 22 s)
[root@liumiaocn ~]# ls
anaconda-ks.cfg
[root@liumiaocn ~]#
```
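For unattended use of the scans shown above, this added example (not code from the original post) extracts the detections and the stale-database warning from clamscan output, and wraps a recursive scan that quarantines hits with clamscan's `--move` option instead of deleting them with `--remove`. The function names, the `CLAMSCAN` variable and the sample output are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post. clamscan exit status (per its man page):
# 0 = no virus found, 1 = virus(es) found, 2 = an error occurred.

# Constructed sample, modelled on the scan output shown on this page; the last
# path is made up to show that a ": " inside a file name is handled.
SAMPLE_OUTPUT='LibClamAV Warning: *** The virus database is older than 7 days! ***
/root/.bashrc: OK
/root/eicar.com: Eicar-Test-Signature FOUND
/root/mail: inbox.eml: Eicar-Test-Signature FOUND
Infected files: 2'

# Read clamscan output on stdin; print "<signature> <path>" per detection.
# The signature comes first because this pattern treats it as one space-free word.
infected_files() {
    sed -n 's/^\(.*\): \([^ ]*\) FOUND$/\2 \1/p'
}

# Succeed when the output carries the stale-database warning seen with the yum install.
stale_database() {
    grep -q 'virus database is older than'
}

# scan_and_quarantine SCAN_DIR QUARANTINE_DIR: recursive scan that moves hits into
# an owner-only directory instead of deleting them, and exits with clamscan's status.
scan_and_quarantine() (
    mkdir -p "$2" && chmod 700 "$2" || exit 2
    out=$("${CLAMSCAN:-/usr/local/clamav/bin/clamscan}" -r --infected \
        --move="$2" "$1" 2>&1) && rc=0 || rc=$?
    if printf '%s\n' "$out" | stale_database; then
        echo "WARNING: signatures are stale, run freshclam first" >&2
    fi
    printf '%s\n' "$out" | infected_files
    exit "$rc"
)

# Demonstration on the constructed sample (no clamscan needed).
printf '%s\n' "$SAMPLE_OUTPUT" | infected_files
```

A cron job can call `scan_and_quarantine /home /var/quarantine` (both paths are placeholders) and alert when the status is 1 or 2.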
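Summary

ClamAV offers a convenient command-line interface for integration and a virus database that is kept up to date, which makes it one option for an open-source security solution.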