Installation and use of anti-virus software ClamAV
2022-07-27 03:43:00 【Qingxiao】
Contents
2. Install ClamAV and clamdscan
3. Update the database manually
5. Determine in Python whether a virus was detected
1. Introduction to ClamAV
- clamscan command: general-purpose, does not depend on a running service, and has many command-line parameters, but executes somewhat more slowly.
- clamdscan command: a scanning client that works together with the resident clamd service. Its function is very similar to clamscan and it executes efficiently, but fewer parameters are available (because some functions are controlled by clamd). There is no need to pass -r; by default it scans subdirectories recursively.
2. Install ClamAV and clamdscan
apt -y install clamav clamtk clamav-daemon clamdscan device-tree-compiler


3. Update the database manually
4. Usage
EICAR test string:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
4.1 clamscan usage
-i tells ClamAV to show only infected files.
-r makes the scan recursive.
--max-scansize= sets the maximum amount of data you want ClamAV to scan. The maximum is 4000M. Remember that this is the actual data being read, not the size of the file.
--max-filesize= sets the maximum size of a file you want ClamAV to scan.
2. ClamAV configuration file: /etc/clamav/freshclam.conf
# Automatically created by the clamav-freshclam postinst
# Comments will get lost when you reconfigure the clamav-freshclam package
DatabaseOwner clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose false
LogSyslog false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogRotate true
LogTime true
Foreground false
Debug false
MaxAttempts 5
DatabaseDirectory /var/lib/clamav # Virus database location
DNSDatabaseInfo current.cvd.clamav.net
ConnectTimeout 30
ReceiveTimeout 0 # Increase the ClamAV timeout
TestDatabases yes
ScriptedUpdates yes
CompressLocalDatabase no
Bytecode true
NotifyClamd /etc/clamav/clamd.conf # Path to the clamd configuration file
# Check for new database 24 times a day
Checks 24
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net
4.2 clamdscan usage
Clam AntiVirus: Daemon Client 0.103.5
By The ClamAV Team: https://www.clamav.net/about.html#credits
(C) 2022 Cisco Systems, Inc.
clamdscan [options] [file/directory/-]
--help -h Show this help
--version -V Print version number and exit
--verbose -v Be verbose
--quiet Be quiet, only output error messages
--stdout Write to stdout instead of stderr. Does not affect 'debug' messages.
(this help is always written to stdout)
--log=FILE -l FILE Save scan report in FILE
--file-list=FILE -f FILE Scan files from FILE
--ping -p A[:I] Ping clamd up to [A] times at optional interval [I] until it responds.
--wait -w Wait up to 30 seconds for clamd to start. Optionally use alongside --ping to set attempts [A] and interval [I] to check clamd.
--remove Remove infected files. Be careful!
--move=DIRECTORY Move infected files into DIRECTORY
--copy=DIRECTORY Copy infected files into DIRECTORY
--config-file=FILE Read configuration from FILE.
--allmatch -z Continue scanning within file after finding a match.
--multiscan -m Force MULTISCAN mode
--infected -i Only print infected files (only the infected files that were found are printed)
--no-summary Disable summary at end of scanning
--reload Request clamd to reload virus database
--fdpass Pass filedescriptor to clamd (useful if clamd is running as a different user)
--stream Force streaming files to clamd (for debugging and unit testing)


5. Determine in Python whether a virus was detected
import re

# Sample scan summary as printed at the end of a scan
result = '''
----------- SCAN SUMMARY -----------
Infected files: 1
Time: 0.006 sec (0 m 0 s)
Start Date: 2022:07:15 13:34:40
End Date: 2022:07:15 13:34:40
'''
# Capture the whole infected-file count (one or more digits), not just its first digit
t = re.findall(r"Infected files:\s*(\d+)", result)
print(t)  # ['1']
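An added example, not part of the original post: a stricter version of the check above that also uses the scanner's exit status (0 = no virus found, 1 = virus found, 2 = error), so that a failed scan is never mistaken for a clean one. The function names, the class and the sample outputs are constructed for illustration.

```python
import re
import subprocess
from dataclasses import dataclass, field

FOUND_RE = re.compile(r"^(?P<path>.+): (?P<sig>\S+) FOUND$", re.MULTILINE)
SUMMARY_RE = re.compile(r"^Infected files:\s*(\d+)$", re.MULTILINE)

@dataclass
class ScanResult:
    status: str                                   # "clean", "infected" or "error"
    infected: dict = field(default_factory=dict)  # path -> signature name

def interpret(returncode, output):
    """Classify a clamscan/clamdscan run from its exit status and text output."""
    hits = {m["path"]: m["sig"] for m in FOUND_RE.finditer(output)}
    summary = SUMMARY_RE.search(output)
    count = int(summary.group(1)) if summary else len(hits)
    # Exit status: 0 = no virus found, 1 = virus(es) found, 2 = an error occurred.
    if returncode == 1 or hits or count > 0:
        return ScanResult("infected", hits)
    if returncode == 0:
        return ScanResult("clean")
    return ScanResult("error")  # e.g. clamd not reachable; never report as clean

def scan(path):
    """Run clamdscan on path (needs a running clamd) and interpret the result."""
    proc = subprocess.run(["clamdscan", "--infected", "--fdpass", path],
                          capture_output=True, text=True)
    return interpret(proc.returncode, proc.stdout + proc.stderr)

# Constructed sample outputs (not captured from a real run).
INFECTED = """/tmp/eicar.com: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
Time: 0.006 sec (0 m 0 s)
"""
DAEMON_DOWN = """ERROR: Could not connect to clamd
----------- SCAN SUMMARY -----------
Infected files: 0
Total errors: 1
"""
```

Note that the daemon-down sample still prints "Infected files: 0", which is why the summary line alone is not enough to declare a path clean.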