[8] ClamAV AntiVirus – Installation

February 4, 2022, by Adam [zicherka] Nogły

Install Clam AntiVirus to protect your system against viruses.

[1] Install ClamAV.

#install from EPEL
[root@vlsr01 ~]# dnf --enablerepo=epel install clamav clamav-update

[root@vlsr01 ~]# mcedit /etc/freshclam.conf
#line 8: comment it out (freshclam will not run while this line is active) ;-)
#Example

#update the virus database
[root@vlsr01 ~]# freshclam
ClamAV update process started at Thu Feb  3 22:13:16 2022
daily database available for download (remote version: 26442)
Time:   10.2s, ETA:    0.0s [========================>]   55.08MiB/55.08MiB
Testing database: '/var/lib/clamav/tmp.ea801776e8/clamav-17a65bdaf2a6687f9028a9ef392cb3bd.tmp-daily.cvd' ...
Database test passed.
daily.cvd updated (version: 26442, sigs: 1972984, f-level: 90, builder: raynman)
main database available for download (remote version: 62)
Time:   28.8s, ETA:    0.0s [========================>]  162.58MiB/162.58MiB
Testing database: '/var/lib/clamav/tmp.ea801776e8/clamav-ce3325cedea8c3927ad1eccd73796b81.tmp-main.cvd' ...
Database test passed.
main.cvd updated (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode database available for download (remote version: 333)
Time:    0.2s, ETA:    0.0s [========================>]  286.79KiB/286.79KiB
Testing database: '/var/lib/clamav/tmp.ea801776e8/clamav-db77715db9589088dd8aef60bebc3822.tmp-bytecode.cvd' ...
Database test passed.
bytecode.cvd updated (version: 333, sigs: 92, f-level: 63, builder: awillia2)

[2] Scan the system.

#scan /home
[root@vlsr01 ~]# clamscan --infected --remove --recursive /home
----------- SCAN SUMMARY -----------
Known viruses: 8605057
Engine version: 0.103.5
Scanned directories: 3840
Scanned files: 7721
Infected files: 0
Data scanned: 301.80 MB
Data read: 273.05 MB (ratio 1.11:1)
Time: 98.310 sec (1 m 38 s)
Start Date: 2022:02:04 10:25:37
End Date:   2022:02:04 10:27:16

#download the test virus
[root@vlsr01 ~]# wget https://www.eicar.org/download/eicar.com
--2022-02-04 10:28:20--  https://www.eicar.org/download/eicar.com
Translacja www.eicar.org (www.eicar.org)... 89.238.73.97, 2a00:1828:1000:2497::2
Łączenie się z www.eicar.org (www.eicar.org)|89.238.73.97|:443... połączono.
Żądanie HTTP wysłano, oczekiwanie na odpowiedź... 200 OK
Długość: 68 [application/x-msdownload]
Zapis do: `eicar.com'
eicar.com             100%[=========================>]      68  --.-KB/s     w 0s
2022-02-04 10:28:21 (157 MB/s) - zapisano `eicar.com' [68/68]

#scan, find and remove the virus
[root@vlsr01 ~]# clamscan --infected --remove --recursive .
/root/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/root/eicar.com: Removed.
----------- SCAN SUMMARY -----------
Known viruses: 8605057
Engine version: 0.103.5
Scanned directories: 1089
Scanned files: 1377
Infected files: 1
Data scanned: 101.21 MB
Data read: 41.86 MB (ratio 2.42:1)
Time: 45.654 sec (0 m 45 s)
Start Date: 2022:02:04 10:28:44
End Date:   2022:02:04 10:29:29
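
An added example, not part of the original post: a small shell helper that reads saved clamscan output in the format shown above, lists each detection, and cross-checks the FOUND lines against the "Infected files" count in the summary. The function names (detections, summary_field, scan_verdict) are hypothetical, and it assumes one FOUND line per infected file, as in the scans on this page.

```shell
#!/bin/sh
# Added example: interpret saved clamscan output (clamscan ... > scan.log).
# SAMPLE is taken from the second scan above, cut down to the lines used here.
SAMPLE='/root/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/root/eicar.com: Removed.
----------- SCAN SUMMARY -----------
Known viruses: 8605057
Engine version: 0.103.5
Scanned files: 1377
Infected files: 1
Time: 45.654 sec (0 m 45 s)'

# Print "path<TAB>signature" for each detection line ("<path>: <sig> FOUND").
# The signature is the last ": word" on the line, so paths with ": " survive.
detections() {
    awk '/ FOUND$/ {
        sub(/ FOUND$/, "")
        i = match($0, /: [^ ]+$/)
        if (i) printf "%s\t%s\n", substr($0, 1, i - 1), substr($0, i + 2)
    }'
}

# Print one SCAN SUMMARY value, e.g.: summary_field "Infected files"
summary_field() {
    awk -v key="$1" -F': ' '
        /SCAN SUMMARY/ { in_summary = 1; next }
        in_summary && $1 == key { print $2; exit }'
}

# Classify a saved scan, mirroring clamscan exit codes:
#   0 = clean, 1 = detections present,
#   2 = output not trustworthy (summary missing, or its count disagrees
#       with the number of FOUND lines, e.g. a truncated log).
scan_verdict() {
    log=$1
    found=$(printf '%s\n' "$log" | detections | wc -l | tr -d ' ')
    reported=$(printf '%s\n' "$log" | summary_field "Infected files")
    [ -n "$reported" ] || return 2
    [ "$found" -eq "$reported" ] || return 2
    [ "$found" -eq 0 ] && return 0
    return 1
}

# Demo on the embedded sample.
printf '%s\n' "$SAMPLE" | detections
scan_verdict "$SAMPLE"; echo "verdict: $?"
```

For scheduled scans, clamscan's --move=DIRECTORY option quarantines detected files instead of deleting them as --remove does, which leaves room to recover from a false positive.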