Clamav
De Linuxmemo.
Version du 25 août 2020 à 10:35 par Linuxmemo (discuter | contributions)
Sommaire |
[modifier] Mise a jour des signatures
vim /etc/clamav/freshclam.conf
déclenchez la mise a jour par la commande
freshclam
[modifier] Configurez les paramètres pour le proxy
vim /etc/clamav/freshclam.conf
modifiez les champs
HTTPProxyServer machine.domain.upperdomain HTTPProxyPort 8080 HTTPProxyUsername xxxxx.xxxxxx HTTPProxyPassword xxxxxxxxx
[modifier] Scan
commande
clamscan -r --bell --remove /repascanner
clamscan -ir --remove=no /repascanner
[modifier] Informations
clamconf -n
- verifier la version des signatures
clamscan --version ou strings /var/lib/clamav/daily.cvd|head -1|cut -c1-28 ou sigtool --info /var/lib/clamav/daily.cld
[modifier] Alias
alias clamscan='clamscan --bell -r -i --log=/home/user/.clamav/virus.log --cross-fs=no --remove=yes --copy=/home/user/.clamav --exclude-dir=".clamav" --exclude-dir=".rvm" --exclude-dir=".gem" --exclude-dir="git"'
[modifier] Astuces
clamscanpath()
{
SCAN_REP=$(echo $PATH | sed -e "s/:/ /g")
SCAN_TIME=$(date '+%F-%H%M%S')
\clamscan -i --follow-file-symlinks=2 --bell --log=/home/${LOGNAME}/.clamav/${SCAN_TIME}.log --remove=yes --copy=/home/${LOGNAME}/.clamav ${SCAN_REP}
}
alias clamversion='sigtool --info /var/lib/clamav/daily.cld'
#!/bin/bash clamscan --bell -r -i --log=/home/user/.clamav/$(date '+%F-%H%M%S').log --cross-fs=no --move=/home/user/.clamav/ --exclude-dir=".clamav" --exclude-dir=".rvm" --exclude-dir=".gem" --exclude-dir="git" /home/user
[modifier] script crond
#!/bin/bash
DIRLOGSCAN="/var/log/clamav"
DIRVIRUSMOVE="/var/local/.clamav/"
SCAN_REP=$(echo $PATH | sed -e "s/:/ /g")
if [ ! -d ${DIRLOGSCAN} ] ; then
mkdir ${DIRLOGSCAN}
fi
if [ ! -d ${DIRVIRUSMOVE} ] ; then
mkdir ${DIRVIRUSMOVE}
fi
\clamscan -r -i --log="${DIRLOGSCAN}/home-$(date '+%F-%H%M%S').log" --cross-fs=no --move="${DIRVIRUSMOVE}" --exclude-dir=".clamav" --exclude-dir=".rvm" --exclude-dir=".gem" --exclude-dir="git" /home
\clamscan -r -i --follow-file-symlinks=2 --bell --log="${DIRLOGSCAN}/path-$(date '+%F-%H%M%S').log" --move="${DIRVIRUSMOVE}" ${SCAN_REP}
