使用Clam AntiVirus保护你的linux免遭病毒侵害

官方主页：http://www.clamav.net/
目前最新的版本是0.88，注意要使用最新版的才能升级病毒库

 

系统要求：下面引用官方文档原文

QUOTE:
Requirements
The following elements are required to compile ClamAV:
zlib and zlib-devel packages
gcc compiler suite (both 2.9x and 3.x are supported)
The following packages are optional but highly recommended:
bzip2 and bzip2-devel library
GNU MP 3
It's very important to install the GMP package because it allows freshclam to verify the digital signatures of the virus databases. If freshclam was compiled without GMP support it will display "SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES" on every update. You can download GNU MP at http://www.swox.com/gmp/
A note for Solaris/SPARC users: you must set the ABI system variable to 32 (e.g. setenv ABI 32) before running the configuration script of GMP. 

开始安装
首先添加组和用户
# groupadd clamav
# useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
安装
# tar zxvf clamav-0.88.tar.gz
# cd clamav-0.88
# ./configure --prefix=/usr/local/clamav --sysconfdir=/etc --disable-zlib-vcheck --disable-dns --disable-clamuko
说明： clamav-0.88要求zlib的版本比较高，我的as4系统自带的1.2.1.2-1都通过不了，看了一下最新的版本是1.2.3，呵呵，懒得升级了
# make
# make install
日志文件设定
# touch /var/log/freshclam.log
# chmod 600 /var/log/freshclam.log
# chown clamav /var/log/freshclam.log
# touch /var/log/clam.log
# chmod 600 /var/log/clam.log
# chown clamav /var/log/clam.log
配置文件
# vi /etc/freshclam.conf
下面是修改过的地方

CODE:#Example
DatabaseDirectory /var/lib/clamav
UpdateLogFile /var/log/freshclam.log

# vi /etc/clamd.conf

CODE:#Example
LogFile /var/log/clam.log

至此，安装完成

用freshclam升级病毒库：
# freshclam

使用方法：
查杀当前目录下的文件
# clamscan ./
查杀当前目录所有文件及目录！
# clamscan -r ./
查杀dir目录，
# clamscan dir
查杀目录dir下所有文件及目录！
# clamscan -r dir

其他差数
-l [路径] [文件名] 增加扫描报告
# clamscan -l /var/log/clamscan.log /
--move [路径] 移动病毒文件至..
--remove [路径] 删除病毒文件
--unzip(unrar) 解压压缩文件扫描

这里clamscan的路径为/usr/local/clamav/bin/clamscan