Clam AntiVirus
(http://sourceforge.net/projects/clamav/files/clamav/)
HAVP
(http://www.server-side.de/download/havp-0.92.tar.gz)
1. Install Clam AntiVirus
[root@CentOS ~]#cd /usr/src
[root@CentOS src]#wget http://sourceforge.net/projects/clamav/files/clamav/0.96.2/clamav-0.96.2.tar.gz/download
.....
[root@CentOS src]#groupadd clamav && useradd -g clamav -M clamav
[root@CentOS src]#tar zxvf clamav-0.96.2.tar.gz
[root@CentOS src]# cd clamav-0.96.2
[root@CentOS clamav-0.96.2]#./configure
(Install zlib and zlib-devel first)
....
[root@CentOS clamav-0.96.2]#make && make install
.....
[root@CentOS clamav-0.96.2]#mkdir /var/log/clamav
[root@CentOS clamav-0.96.2]#chown clamav:clamav /var/log/clamav
[root@CentOS clamav-0.96.2]#cp /usr/local/etc/clamd.conf /usr/local/etc/clamd.conf.bak
[root@CentOS clamav-0.96.2]#vi /usr/local/etc/clamd.conf
Lines to modify
===========================================
#Example
LogFile /var/log/clamav/clamav.log
LogVerbose yes
LogTime yes
PidFile /var/run/clamd.pid
DatabaseDirectory /usr/local/share/clamav
===========================================
[root@CentOS clamav-0.96.2]#vi /usr/local/etc/freshclam.conf
(Configure freshclam.conf)
===========================================
#Example
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog yes
LogVerbose yes
===========================================
[root@CentOS clamav-0.96.2]#/usr/local/bin/freshclam
(Run freshclam to update the virus signatures)
2. Install HAVP
[root@CentOS src]#wget http://www.server-side.de/download/havp-0.92.tar.gz
[root@CentOS src]#tar zxvf havp-0.92.tar.gz
....
[root@CentOS src]#cd havp-0.92
[root@CentOS havp-0.92]#./configure
(yum install gcc-c++)
[root@CentOS havp-0.92]#make && make install
[root@CentOS havp-0.92]#groupadd havp && useradd -g havp -M havp
[root@CentOS havp-0.92]#chown havp:havp /var/log/havp /var/run/havp
[root@CentOS havp-0.92]#vi /usr/local/etc/havp/havp.config
===========================================
#REMOVETHISLINE deletem
ENABLECLAMLIB true
CLAMDBDIR /usr/local/share/clamav
TEMPDIR /tmp
SCANIMAGES false #(do not scan images)
# TRANSPARENT true (uncomment if HAVP is to be used on its own as the proxy)
# PARENTPROXY 127.0.0.1 (if there is a parent proxy, uncomment these two lines; use either these or the line above)
# PARENTPORT 3128
......
3. (Create a virtual disk using 1 GB of disk space)
[root@CentOS havp-0.92]#dd if=/dev/zero of=/root/havp_tmp.img bs=1024K count=1 seek=1024
[root@CentOS havp-0.92]#mkfs.ext2 /root/havp_tmp.img
[root@CentOS havp-0.92]#mount -o loop,mand /root/havp_tmp.img /var/tmp/havp
[root@CentOS havp-0.92]#chown havp:havp /var/tmp/havp
[root@CentOS havp-0.92]#vi /etc/rc.d/rc.local
(Mount the virtual disk at boot)
mount -o loop,mand /root/havp_tmp.img /var/tmp/havp
[root@CentOS havp-0.92]#vi /etc/ld.so.conf
/usr/local/lib
[root@CentOS havp-0.92]#ldconfig
(Update the shared library cache (for ClamAV))
[root@CentOS havp-0.92]#cp /usr/src/havp-0.92/etc/init.d/havp /etc/init.d
[root@CentOS havp-0.92]#/etc/init.d/havp start
[root@CentOS havp-0.92]#vi /etc/rc.d/rc.local
/etc/init.d/havp start
[root@CentOS havp-0.92]#iptables -t nat -A PREROUTING -p tcp -s 192.168.1.0/24 --dport 80 -j REDIRECT --to-port 8080
Test page: http://www.eicar.org/anti_virus_test_file.htm
However, this seems to be antivirus that is only good for peace of mind. I tried looking on the internet for a 2010 virus pack
http://rs568.rapidshare.com/files/395560382/528.zip
Sure enough, it let me download it without any trouble....
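An added example, not part of the original post: a preflight check for the setup above that reads havp.config and a mount table and reports whether REMOVETHISLINE is still active, whether ENABLECLAMLIB is true, and whether TEMPDIR sits on a filesystem mounted with mand (HAVP needs mandatory locking on the filesystem that holds its temporary files, which is why the loop image is mounted that way). The function names and the sample input are constructed for illustration; the sample reproduces the page's TEMPDIR /tmp alongside the mand mount at /var/tmp/havp, so the check reports the mismatch.

```shell
#!/bin/sh
# Added example: preflight check for the havp.config and loop mount built above.

# havp_value FILE KEY: print the value of the first active (uncommented) KEY line.
havp_value() {
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# mount_opts_for MOUNTS PATH: print the options of the longest mount point that
# contains PATH. MOUNTS uses the /proc/mounts layout (device, mount point,
# type, options, ...).
mount_opts_for() {
    awk -v p="$2" '
        $2 == "/" || p == $2 || index(p, $2 "/") == 1 {
            if (length($2) >= best) { best = length($2); opts = $4 }
        }
        END { print opts }' "$1"
}

# havp_preflight CONFIG MOUNTS: print findings; exit status = number of problems.
havp_preflight() {
    hp_problems=0
    if [ -n "$(havp_value "$1" REMOVETHISLINE)" ]; then
        echo "FAIL: REMOVETHISLINE is still active"
        hp_problems=$((hp_problems + 1))
    fi
    if [ "$(havp_value "$1" ENABLECLAMLIB)" != "true" ]; then
        echo "FAIL: ENABLECLAMLIB is not true"
        hp_problems=$((hp_problems + 1))
    fi
    hp_tmp=$(havp_value "$1" TEMPDIR)
    hp_opts=$(mount_opts_for "$2" "$hp_tmp")
    case ",$hp_opts," in
        *,mand,*) echo "OK: TEMPDIR $hp_tmp is on a mount with mand" ;;
        *) echo "FAIL: TEMPDIR $hp_tmp is on a mount without mand ($hp_opts)"
           hp_problems=$((hp_problems + 1)) ;;
    esac
    return "$hp_problems"
}

# Constructed sample input: the values edited on this page and a mount table
# in which only the loop image carries the mand option.
demo=$(mktemp -d)
printf '%s\n' '#REMOVETHISLINE deletem' 'ENABLECLAMLIB true' \
    'CLAMDBDIR /usr/local/share/clamav' 'TEMPDIR /tmp' > "$demo/havp.config"
printf '%s\n' '/dev/sda1 / ext3 rw 0 0' \
    '/dev/loop0 /var/tmp/havp ext2 rw,mand 0 0' > "$demo/mounts"
havp_preflight "$demo/havp.config" "$demo/mounts" || echo "problems: $?"
```

On the host itself, run it as `havp_preflight /usr/local/etc/havp/havp.config /proc/mounts`.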