
Clamav scanning tool

2025-01-31 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/01 Report--

Prepare two machines for testing:

The testing machine: 192.168.251.134

The machine under test: 192.168.3.24

On the machine under test

zlib must be installed before ClamAV, or the ClamAV installation will fail with an error.

tar -zxvf zlib-1.2.3.tar.gz

cd zlib-1.2.3

./configure

make

make install (compile and install zlib)

Because I installed from the source package, I need to create the clamav user manually.

groupadd clamav (create the clamav group)

useradd -g clamav clamav (create the clamav user and add it to the clamav group)

tar -zxvf clamav-0.95.2.tar.gz (extract)

cd clamav-0.95.2 (enter the directory)

./configure --prefix=/usr/local/clamav

make

make install (compile and install)

After ClamAV is installed, get it ready to start.

First create the directories.

mkdir /usr/local/clamav/logs (log directory)

mkdir /usr/local/clamav/updata (ClamAV virus database directory)

vi /usr/local/clamav/etc/clamd.conf

There may be a clamd.conf.sample file instead; you can edit that and then copy it into place:

cp clamd.conf.sample clamd.conf

That's it.

#Example (comment out this line; line 8)

LogFile /usr/local/clamav/logs/clamd.log (remove the leading comment mark and change the path to the logs directory; line 14)

PidFile /usr/local/clamav/updata/clamd.pid (remove the leading comment mark and change the path; line 57)

DatabaseDirectory /usr/local/clamav/updata (same as above; line 65)

vi /usr/local/clamav/etc/freshclam.conf

#Example (comment out this line; line 8)

DatabaseDirectory /usr/local/clamav/updata

UpdateLogFile /usr/local/clamav/logs/freshclam.log

PidFile /usr/local/clamav/updata/freshclam.pid (I forget which lines these are on; find them yourself.)

Now create the log files.

touch /usr/local/clamav/logs/freshclam.log

chown clamav:clamav /usr/local/clamav/logs/freshclam.log

touch /usr/local/clamav/logs/clamd.log

chown clamav:clamav /usr/local/clamav/logs/clamd.log

chown clamav:clamav /usr/local/clamav/updata

/usr/local/clamav/bin/freshclam (update the virus database; make sure your Linux machine can reach the Internet)


It will take a little time.

After waiting for half an hour, I finally finished the download.

While the update is running, you can write the script on the testing machine, 192.168.251.134.

Note that pyClamd must be installed before writing the script.

Download the source package at http://xael.org/pages/pyclamd-en.html

Extract it and install it with: python setup.py install

After installation: vim pyclamd.py

#!/usr/bin/python
# -*- coding: utf-8 -*-

import time
import pyclamd
from threading import Thread

class Scan(Thread):

    def __init__(self, IP, scan_type, file):
        """Constructor: initialize the parameters."""
        Thread.__init__(self)
        self.IP = IP
        self.scan_type = scan_type
        self.file = file
        self.connstr = ""
        self.scanresult = ""

    def run(self):
        """Thread run method."""
        try:
            cd = pyclamd.ClamdNetworkSocket(self.IP, 3310)  # create the network socket object
            if cd.ping():  # probe connectivity
                self.connstr = self.IP + " connection [OK]"
                cd.reload()  # reload the clamd virus signature database; recommended after updating the database
                if self.scan_type == "contscan_file":
                    self.scanresult = "{0}\n".format(cd.contscan_file(self.file))
                elif self.scan_type == "multiscan_file":
                    self.scanresult = "{0}\n".format(cd.multiscan_file(self.file))
                elif self.scan_type == "scan_file":
                    self.scanresult = "{0}\n".format(cd.scan_file(self.file))
                time.sleep(1)
            else:
                self.connstr = self.IP + " ping error,exit"
        except Exception as e:
            self.connstr = self.IP + " " + str(e)

IPs = ['192.168.3.24']  # list of hosts to scan
scantype = "multiscan_file"  # scanning mode; supports multiscan_file, contscan_file, scan_file
scanfile = "/tmp"  # path to scan
i = 1
threadnum = 2  # number of threads to start per batch
scanlist = []  # list of Scan thread objects

for ip in IPs:
    currp = Scan(ip, scantype, scanfile)  # create a Scan object; parameters: IP, scan mode, scan path
    scanlist.append(currp)  # append the object to the list
    if i % threadnum == 0 or i == len(IPs):  # run the batch once threadnum threads are queued or the IP list is exhausted
        for task in scanlist:
            task.start()  # start the thread
        for task in scanlist:
            task.join()  # wait for the thread to exit, then output its result
            print(task.connstr)  # print server connection information
            print(task.scanresult)  # print the scan result
        scanlist = []
    i += 1

The script is finished, but don't run it yet.

Start the service on the machine under test, 192.168.3.24, and open the listening port.

First: sed -i -e '/^TCPAddr/{ s/127.0.0.1/0.0.0.0/; }' /usr/local/clamav/etc/clamd.conf

This line may be commented out, so it is best to open the file in vim and change it manually.

/usr/local/clamav/sbin/clamd start (start the service)

The listening port is 3310.

lsof -i:3310 (check whether the port is listening)

If it is listening, just run the script on the testing machine.
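The clamd.conf edits made earlier (commenting out Example) and in this step (TCPAddr changed to 0.0.0.0 so the testing machine can reach port 3310) can be checked before clamd is started. The following Python 3 audit is an added example, not part of the original article; the sample configs are constructed, and the function names, the `TCPSocket 3310` line and the 192.168.3.24 bind address in the scoped sample are assumptions.

```python
import ipaddress

# Constructed sample inputs (not taken from a real host).
UNEDITED = "Example\n#TCPSocket 3310\n#TCPAddr 127.0.0.1\n"
AS_ON_PAGE = ("#Example\n"
              "LogFile /usr/local/clamav/logs/clamd.log\n"
              "PidFile /usr/local/clamav/updata/clamd.pid\n"
              "DatabaseDirectory /usr/local/clamav/updata\n"
              "TCPSocket 3310\n"      # assumed: the page only says the port is 3310
              "TCPAddr 0.0.0.0\n")
SCOPED = AS_ON_PAGE.replace("TCPAddr 0.0.0.0", "TCPAddr 192.168.3.24")

def parse_conf(text):
    """Map each active (uncommented) option to the list of its values."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            name, value = (line.split(None, 1) + [""])[:2]
            opts.setdefault(name, []).append(value.strip())
    return opts

def is_wildcard(addr):
    try:
        return ipaddress.ip_address(addr).is_unspecified  # 0.0.0.0 or ::
    except ValueError:  # a hostname: cannot be judged without resolving it
        return False

def audit(text):
    """Return (code, message) findings for a clamd.conf given as text."""
    opts, findings = parse_conf(text), []
    if "Example" in opts:
        findings.append(("EXAMPLE_ACTIVE",
                         "clamd will not start until the Example line is commented out"))
    ports, addrs = opts.get("TCPSocket", []), opts.get("TCPAddr", [])
    if not ports:
        if addrs:
            findings.append(("NO_TCP_PORT",
                             "TCPAddr is set but TCPSocket is not: no TCP listener"))
        return findings
    # With TCPSocket set and no TCPAddr, clamd binds every interface.
    if not addrs or any(is_wildcard(a) for a in addrs):
        findings.append(("TCP_ALL_INTERFACES",
                         "port %s accepts unauthenticated clamd commands on every interface; "
                         "bind a specific address or firewall it to the scanning host" % ports[-1]))
    return findings

if __name__ == "__main__":
    for label, conf in (("unedited", UNEDITED), ("as on page", AS_ON_PAGE), ("scoped", SCOPED)):
        print(label, audit(conf) or "no findings")
```

To audit the real file, pass the contents of /usr/local/clamav/etc/clamd.conf to audit().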
