How to Install & Use ClamAV on AlmaLinux 8

ClamAV is a free, open-source antivirus toolkit that can detect many types of malicious software, including viruses, trojans, malware, adware, rootkits, and other malicious threats. One of the main uses of ClamAV is on mail servers as a server-side email virus scanner, or on file hosting servers with periodic scans to make sure files are clean, especially if the public can upload to the server.

ClamAV supports multiple file formats (documents, executables, or archives), uses a multi-threaded scanner, and receives updates to its signature database daily, sometimes several times a day, for the latest protection.

In this tutorial, you will learn how to install and use ClamAV on AlmaLinux 8.

Prerequisites

  • Recommended OS: AlmaLinux 8.
  • User account: A user account with sudo privileges or root access (su command).

Updating the Operating System

Update your AlmaLinux operating system to make sure all existing packages are up to date:

sudo dnf upgrade --refresh -y

This tutorial uses the sudo command and assumes you have sudo status. To verify sudo status on your account:

sudo whoami

Example output showing sudo status:

[joshua@localhost ~]$ sudo whoami
root

If you have not set up a sudo user account and would like to, visit our tutorial How to Add a User to Sudoers on AlmaLinux.

To use the root account, log in with the root password using the following command.

su

Install the Required Dependency

The following installation is designed for the default AlmaLinux kernel; it may not work on any modified Linux kernel installation.

The first step is to import the repository from EPEL (Extra Packages for Enterprise Linux) as follows:

sudo dnf install epel-release


Type Y, then press the Enter key to proceed.

Verify that the repository was added successfully; this can be done with the dnf repolist command as below:

sudo dnf repolist


The EPEL repository has been added successfully.

Handy hint: you can use this command again to check any future repository imports.


Install ClamAV

With the repository added to get the latest release of ClamAV, you can now install the software itself, including the update package that runs the antivirus update process in the background.

To install ClamAV from the EPEL repository, run this command:

sudo dnf install clamav clamd clamav-update


Type "Y", then press the "Enter key" to proceed with the installation.

The installation on your system includes:

  • clamd - Clam Antivirus Daemon.
  • clamav - End-user tools for using Clam Antivirus.
  • clamav-update - Clam Antivirus auto-updater for the data files.

To verify that the installation succeeded and to confirm the version and build number, use the following:

clamd --version

Example output:

ClamAV 0.103.3

Like all distributions in the RHEL family, AlmaLinux uses SELinux; given how ClamAV works, you will need to configure SELinux so that it does not interfere. To do this, run this command:

sudo setsebool -P antivirus_can_scan_system 1

Now that you have installed ClamAV, you can proceed to update the virus database.

Update the ClamAV Virus Database

You now need to update your ClamAV database before you start using the virus scanner (clamscan). To update these definitions, your system must be connected to the internet, and you use the (freshclam) terminal command.

First, it is recommended to stop the (clamav-freshclam) service before you update. To do this, type this command:

sudo systemctl stop clamav-freshclam

Now you can proceed to update your virus definition database with this terminal command:

sudo freshclam

In the output, you will get something like the following:

ClamAV update process started at Thur Sep 9 01:22:19 2021
daily.cld database is up-to-date (version: 26276, sigs: 1968691, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2)

Once the database is updated, you can start the (clamav-freshclam) service so that it keeps updating the signature database in the background, using this command:

sudo systemctl start clamav-freshclam

After starting freshclam, verify that it is running as follows:

sudo systemctl status clamav-freshclam

Note, make sure you have enabled or disabled ClamAV at boot. You will usually want it enabled; however, you may want automatic startup disabled on systems with limited resources, or when it needs to be run manually at off-peak times when you want to do manual scans.

Enable ClamAV on startup:

sudo systemctl enable clamav-freshclam

Example output:

Created symlink /etc/systemd/system/multi-user.target.wants/clamav-freshclam.service → /usr/lib/systemd/system/clamav-freshclam.service.

Disable ClamAV on startup:

sudo systemctl disable clamav-freshclam

Note, (freshclam) downloads the ClamAV CVDs and databases into the directory (/var/lib/clamav).

To view the directory, use the (ls) command:

ls /var/lib/clamav/

Example output:

bytecode.cvd  daily.cld  freshclam.dat  main.cvd


How to Use Clamscan with Examples

Now that you have installed and updated ClamAV, it is time to scan your system to make sure it is clean. This is done with the (clamscan) command. An example of the syntax:

sudo clamscan [options] [file/directory/-]

Here is a list of examples:

Print ClamAV help:

sudo clamscan -h

Scan a file:

sudo clamscan /home/script.sh

Scan a directory:

sudo clamscan /home/

Print only infected files:

sudo clamscan -i /home/

Skip printing OK files:

sudo clamscan -o /home/

Do not print the summary at the end of the scan:

sudo clamscan --no-summary /home/

Bell notification on virus detection:

sudo clamscan --bell -i /home

Scan directories recursively:

sudo clamscan --bell -i -r /home

Save the scan report to a file:

sudo clamscan --bell -i -r /home -l output.txt

Scan files listed line by line in a file:

sudo clamscan -i -f /tmp/scan

Remove infected files:

sudo clamscan -r --remove /home/USER

Note, this deletes the file from your system. If it is a false positive, you will not be able to recover the file.

Move infected files into a separate directory:

sudo clamscan -r -i --move=/home/USER/infected /home/

Limit ClamAV CPU Usage

ClamAV can be quite CPU intensive during a scan, and systems running on limited or older hardware may find the process too taxing. An easy way to limit (CPU) usage during a scan is to put the (nice) command in front of any ClamAV command.

An example of using the (nice) command to reduce ClamAV CPU usage:

sudo nice -n 15 clamscan --bell -i -r /home

The great benefit of this method is that if nothing else is using the CPU, ClamAV running (clamscan) will maximize CPU usage. However, if another process with higher priority needs the CPU, clamscan will scale down to let that process take priority.

There are a few other options; however, the (nice) command is the best solution. It will raise CPU usage when the CPU is free and lower it when other processes need it, giving you the best combination of performance and security.
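
The recursive scan, quarantine, log and nice options above, combined into one scheduled-scan wrapper that also acts on clamscan's exit status. This is an added example, not part of the original tutorial; the quarantine and log paths and the CLAMSCAN override variable are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not from the original tutorial): scheduled-scan wrapper.
# Assumed, overridable settings; the two paths are placeholders.
CLAMSCAN="${CLAMSCAN:-clamscan}"
QUARANTINE="${QUARANTINE:-/var/quarantine/clamav}"
SCAN_LOG="${SCAN_LOG:-/var/log/clamav-scan.log}"

# clamscan exit status per clamscan(1):
#   0 = no virus found, 1 = virus(es) found, 2 = an error occurred.
classify_exit() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Scan one directory recursively at low CPU priority. Detections are moved
# to quarantine rather than deleted, so a false positive can be restored.
# Keep QUARANTINE outside the scanned tree so it is not rescanned next run.
scan_dir() {
    local target="$1" rc=0
    if [ ! -d "$target" ]; then
        echo error
        return 2
    fi
    if ! mkdir -p "$QUARANTINE" || ! chmod 700 "$QUARANTINE"; then
        echo error
        return 2
    fi
    nice -n 15 "$CLAMSCAN" -r -i --move="$QUARANTINE" -l "$SCAN_LOG" \
        "$target" >/dev/null 2>&1 || rc=$?
    classify_exit "$rc"
    return "$rc"
}

# Run only when a directory is passed, e.g. from cron:
#   clamav-scan.sh /home
if [ "$#" -gt 0 ]; then
    scan_dir "$1"
    exit $?
fi
```

An "error" result (status 2) means the scan did not complete, so it should be alerted on rather than treated as a clean run.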



How to Remove ClamAV

Removing ClamAV from your operating system is a quick process. Run the following terminal command to remove it:

sudo dnf autoremove clamav clamd clamav-update

Note, this will remove all dependencies that were installed with ClamAV, for a complete removal.

Comments and Conclusion

In this tutorial, you have learned how to install, update, and use ClamAV with examples on your AlmaLinux 8 distribution. Overall, ClamAV is a good virus scanner. Is it the best? Well, that is always up for debate, and other products rise and fall; however, ClamAV is usually in the top 1 to 3 on most people's lists, and it is a solid effort to help protect your operating system and email or web servers from viruses, malware, and other threats.

Please note that although antivirus software like this is available to use for free on your system, it should not give you a false sense of security: making sure your web server or desktop is hardened by following good common-sense practices will save you more than any software can. However, ClamAV is another tool in the arsenal against the growing threat of ransomware, malware, and more, provided you have put those practices in place first.

For more information on using ClamAV, visit the official documentation.
