How to install ClamAV antivirus for WCC scan during check-in?
Verification :
Purpose : install ClamAV antivirus so that WCC can use it during check-in
Steps :
1. Install clamd using yum
2. Configure it to run as a server
3. Automate
Detailed Steps :
1. Install the EPEL repo
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
yum localinstall --nogpgcheck http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
Edit /etc/yum.repos.d/epel.repo :
change all URLs from https to http
If https is used, there can be connection issues.
2. Run yum update
yum update
After updating yum, make sure that all repos show up properly, like this:
[root@stjacob-pc1 yum.repos.d]# yum repolist
Loaded plugins: refresh-packagekit, security, ulninfo
repo id repo name status
*epel Extra Packages for Enterprise Linux 6 - x86_64 11,750
3. Then install using yum
yum install clamav clamd
4. Edit freshclam.conf, located at /etc/freshclam.conf (to configure timeout settings, proxy server, etc.)
UpdateLogFile /u01/oracle/clamav/var/log/freshclam.log
LogFileMaxSize 2M
LogTime yes
DatabaseMirror database.clamav.net
MaxAttempts 5
ConnectTimeout 60
ReceiveTimeout 60
5. Edit clamd.conf, located at /etc/clamd.conf (to set the listener, etc.)
LogFile /u01/oracle/clamav/var/log/clamd.log
LogFileMaxSize 25M
LogTime yes
TCPSocket 3310
TCPAddr MYIP
MaxConnectionQueueLength 10
ReadTimeout 300
CommandReadTimeout 5
MaxFileSize 250M
6. Start clamd
/usr/sbin/clamd
7. Verify the process and port
ps -ef | grep clamd
netstat -anp | grep 3310 (the port from clamd.conf)
Example :
[root@IP clamav-0.98.7]# ps -ef | grep clamd
clam 14315 1 0 03:01 ? 00:00:00 /usr/sbin/clamd
root 14319 14047 0 03:02 pts/1 00:00:00 grep clamd
[root@IP clamav-0.98.7]# netstat -anp | grep 3310
tcp 0 0 MYIP:3310 0.0.0.0:* LISTEN 14315/clamd
Verification :
1. Run freshclam to update the database
freshclam
2. If the above command fails, the database can be downloaded manually into /var/lib/clamav
cd /var/lib/clamav
wget http://db.local.clamav.net/main.cvd
wget http://db.local.clamav.net/daily.cvd
3. Create a test signature file
vi /tmp/news.txt
Copy and paste :
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
4. Run clamdscan
clamdscan /tmp/news.txt
Example :
/tmp/news.txt: Eicar-Test-Signature FOUND
----------- SCAN SUMMARY -----------
Infected files: 1
Time: 0.001 sec (0 m 0 s)
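clamdscan only proves the local daemon works. The following added example (not part of the original post) checks the TCP listener from clamd.conf (TCPSocket 3310) the way a remote client would, by streaming a file with clamd's INSTREAM command and treating every reply other than OK or FOUND as an error. The function names, chunk size and command-line usage are assumptions chosen for illustration.

```python
import socket
import struct

CHUNK = 8192  # bytes per INSTREAM chunk; arbitrary value chosen for this example


def frame_instream(data: bytes) -> bytes:
    """zINSTREAM request: command, 4-byte big-endian length + chunk, zero-length end."""
    parts = [b"zINSTREAM\0"]
    for i in range(0, len(data), CHUNK):
        chunk = data[i:i + CHUNK]
        parts.append(struct.pack("!I", len(chunk)) + chunk)
    parts.append(struct.pack("!I", 0))
    return b"".join(parts)


def parse_reply(raw: bytes):
    """Return (status, detail); status is CLEAN, INFECTED or ERROR."""
    text = raw.rstrip(b"\0\n").decode("utf-8", "replace")
    if text.endswith(" FOUND"):
        return "INFECTED", text[:-len(" FOUND")].split(": ", 1)[-1]
    if text.endswith(": OK"):
        return "CLEAN", ""
    # Empty reply, size-limit rejection, anything unexpected: fail closed.
    return "ERROR", text


def scan_bytes(host: str, port: int, data: bytes, timeout: float = 10.0):
    """Stream data to clamd over TCP and return the parsed verdict."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(frame_instream(data))
            reply = b""
            while not reply.endswith(b"\0"):
                part = s.recv(4096)
                if not part:
                    break
                reply += part
    except OSError as exc:  # refused, timed out, or closed mid-stream
        return "ERROR", str(exc)
    return parse_reply(reply)


if __name__ == "__main__":
    import sys
    # Assumed usage: python clamd_check.py MYIP 3310 /tmp/news.txt
    host, port, path = sys.argv[1], int(sys.argv[2]), sys.argv[3]
    with open(path, "rb") as fh:
        print(scan_bytes(host, port, fh.read()))
```

Streams larger than clamd's StreamMaxLength setting are rejected with an ERROR reply, so that limit needs to be sized alongside MaxFileSize if large files are checked in.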
Automation :
A. Start the clamd service and set it to auto-start
1. /etc/init.d/clamd on
2. chkconfig clamd on
3. /etc/init.d/clamd start
B. Update ClamAV’s signatures
1. /usr/bin/freshclam
Note: it should be put in crontab