Differences
This page shows the differences between two versions.
centos:clamav_centos_host [27.07.2011 11:23. ] – django | centos:clamav_centos_host [22.07.2019 14:48. ] (current) – [Links] django | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
+ | ====== ClamAV unter CentOS 5 bzw. Centos 6 ====== | ||
+ | {{: | ||
+ | |||
+ | Hauptsächlich wird **// | ||
+ | ===== Installation ===== | ||
+ | Als erstes installieren wir uns die benötigten Server-Komponenten via **YUM**. Da die benötigten Pakete aus dem rpmforge-Repository kommen, wird die korrekte Einbindung dieses 3rd-party Repositories vorausgesetzt. Wie das geht, steht [[http:// | ||
+ | # yum install clamd clamav clamav-db clamtk -y | ||
+ | Was uns die einzelnen Pakete mitliefern, offentbart uns jeweils ein **rpm -iql**. | ||
+ | ==== Paket clamd==== | ||
+ | < | ||
+ | Name : clamd Relocations: | ||
+ | Version | ||
+ | ... | ||
+ | |||
+ | ... | ||
+ | Size : 514863 | ||
+ | Signature | ||
+ | Packager | ||
+ | URL : http:// | ||
+ | Summary | ||
+ | Description : | ||
+ | The Clam AntiVirus Daemon | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | /var/clamav | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | </ | ||
+ | ==== Paket clamav-db==== | ||
+ | < | ||
+ | Name : clamav-db | ||
+ | Version | ||
+ | ... | ||
+ | |||
+ | ... | ||
+ | Size : 21126396 | ||
+ | Signature | ||
+ | Packager | ||
+ | URL : http:// | ||
+ | Summary | ||
+ | Description : | ||
+ | The actual virus database for clamav | ||
+ | / | ||
+ | / | ||
+ | /var/clamav | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | ==== Paket clamav==== | ||
+ | < | ||
+ | Name : clamav | ||
+ | Version | ||
+ | ... | ||
+ | |||
+ | ... | ||
+ | Size : 5077647 | ||
+ | Signature | ||
+ | Packager | ||
+ | URL : http:// | ||
+ | Summary | ||
+ | Description : | ||
+ | Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of | ||
+ | this software is the integration with mail servers (attachment scanning). | ||
+ | The package provides a flexible and scalable multi-threaded daemon, a | ||
+ | command line scanner, and a tool for automatic updating via Internet. | ||
+ | |||
+ | The programs are based on a shared library distributed with the Clam | ||
+ | AntiVirus package, which you can use with your own software. Most | ||
+ | importantly, | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | ==== Paket clamtk==== | ||
+ | < | ||
+ | Name : clamtk | ||
+ | Version | ||
+ | ... | ||
+ | |||
+ | ... | ||
+ | Size : 110094 | ||
+ | Signature | ||
+ | Packager | ||
+ | URL : http:// | ||
+ | Summary | ||
+ | Description : | ||
+ | ClamTk is a front-end, point and click gui for ClamAV on Linux systems. | ||
+ | It supports easy signature-updates. | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | ===== clamav Konfiguration ===== | ||
+ | ==== erster Programmstart ==== | ||
+ | Nun ist es an der Zeit unseren **ClamAV**-Daemon das erste mal zu starten. | ||
+ | # service clamd start | ||
+ | < | ||
+ | LibClamAV Warning: *** The virus database is older than 7 days! *** | ||
+ | LibClamAV Warning: *** | ||
+ | LibClamAV Warning: ************************************************** | ||
+ | | ||
+ | Wir müssen also unser Virendatenbank erst einmal updaten - Hierzu nutzen wir das Programm **freshclam** aus dem Paket **// | ||
+ | # service clamd stop | ||
+ | |||
+ | | ||
+ | |||
+ | ==== automatisches Starten des Daemon beim Systemstart ==== | ||
+ | Damit nun unser ClamAV-Daemon beim Booten automatisch gestartet wird, nehmen wir noch folgende Konfigurationsschritte vor. | ||
+ | # chkconfig clamd on | ||
+ | Anschließend überprüfen wir noch unsere Änderung: | ||
+ | # chkconfig --list | grep clamd | ||
+ | | ||
+ | |||
+ | ===== freshlam Konfiguration ===== | ||
+ | Damit [[http:// | ||
+ | |||
+ | In der Standardkonfiguration sorgt **freshclam** dafür, dass **1x am Tag** ein Update der Virenpattern-Datenbank vorgenommen wird. Bei Bedarf können wir den Updatezyklus unseren Erfordernissen anpassen und so z.B. alle Stunde überprüfen lassen ob neue Patternfiles vorhanden sind und diese dann auf unseren Rechner herunterzuladen und in die lokale Datenbak einfließen zu lassen. Hierbei stehen uns prinzipiell zwei Mechanismen zur Verfügung, die **crontab** und der **Daemon-Modus**. Beide Varianten könnten im System parallel genutzt werden - nachfolgend werden bei Möglichkeiten kurz beschrieben. | ||
+ | |||
+ | ==== Nutzung crontab ==== | ||
+ | Die erste und einfache Variante besteht darin das Update-Script, | ||
+ | Das Updatescript beinhaltet folgende Parameter und Aufrufe: | ||
+ | <file freshclam># | ||
+ | |||
+ | ### A simple update script for the clamav virus database. | ||
+ | ### This could as well be replaced by a SysV script. | ||
+ | |||
+ | ### fix log file if needed | ||
+ | LOG_FILE="/ | ||
+ | if [ ! -f " | ||
+ | touch " | ||
+ | chmod 644 " | ||
+ | chown clamav.clamav " | ||
+ | fi | ||
+ | |||
+ | / | ||
+ | --quiet \ | ||
+ | --datadir="/ | ||
+ | --log=" | ||
+ | --daemon-notify="/ | ||
+ | </ | ||
+ | Wir verschieben also das Script bei Bedarf nach // | ||
+ | # mv / | ||
+ | ==== Nutzung Daemon-Modus ==== | ||
+ | Die zuvor erwähnte zweite Möglichkeit zum Updaten der Virenpattern-Datenbank ist die Nutzung des **freshclam-Daemons**, | ||
+ | === Startscript === | ||
+ | Da bei unserer Installation kein passendes Init-V-Script mitgeliefert wurde legen wir uns ein eigenes Startscript an. | ||
+ | # vim / | ||
+ | <file bash freshclamd> | ||
+ | #!/bin/sh | ||
+ | # | ||
+ | # freshclamd | ||
+ | # | ||
+ | # chkconfig: - 62 38 | ||
+ | # description: | ||
+ | # | ||
+ | # processname: | ||
+ | # config: / | ||
+ | # pidfile: / | ||
+ | |||
+ | # Source function library | ||
+ | . / | ||
+ | |||
+ | # Get network config | ||
+ | . / | ||
+ | |||
+ | test -f / | ||
+ | |||
+ | RETVAL=0 | ||
+ | DATA_DIR="/ | ||
+ | CLAMD_CONF_FILE="/ | ||
+ | LOG_FILE="/ | ||
+ | |||
+ | if [ ! -f " | ||
+ | touch " | ||
+ | chmod 644 " | ||
+ | chown clamav.clamav " | ||
+ | fi | ||
+ | |||
+ | start() { | ||
+ | echo -n $" | ||
+ | # Start me up! | ||
+ | # | ||
+ | # | ||
+ | daemon / | ||
+ | -c 48 \ | ||
+ | --quiet \ | ||
+ | --datadir=" | ||
+ | --daemon-notify=" | ||
+ | RETVAL=$? | ||
+ | echo | ||
+ | [ $RETVAL -eq 0 ] && touch / | ||
+ | return $RETVAL | ||
+ | } | ||
+ | |||
+ | stop() { | ||
+ | echo -n $" | ||
+ | killproc freshclam | ||
+ | RETVAL=$? | ||
+ | echo | ||
+ | [ $RETVAL -eq 0 ] && rm -f / | ||
+ | return $RETVAL | ||
+ | } | ||
+ | |||
+ | restart() { | ||
+ | stop | ||
+ | start | ||
+ | } | ||
+ | |||
+ | reload() { | ||
+ | echo -n $" | ||
+ | killproc freshclam -ALRM | ||
+ | RETVAL=$? | ||
+ | echo | ||
+ | return $RETVAL | ||
+ | } | ||
+ | |||
+ | |||
+ | case " | ||
+ | start) | ||
+ | start | ||
+ | ;; | ||
+ | stop) | ||
+ | stop | ||
+ | ;; | ||
+ | status) | ||
+ | status freshclam | ||
+ | ;; | ||
+ | restart) | ||
+ | restart | ||
+ | ;; | ||
+ | condrestart) | ||
+ | [ -f / | ||
+ | ;; | ||
+ | reload) | ||
+ | reload | ||
+ | ;; | ||
+ | *) | ||
+ | echo $" | ||
+ | exit 1 | ||
+ | esac | ||
+ | |||
+ | exit $? | ||
+ | </ | ||
+ | Anschließend passen wir noch die Dateirechte an: | ||
+ | # chmod +x / | ||
+ | |||
+ | === Konfiguration === | ||
+ | Wir passen nun in der Konfigurationsdatei **/// | ||
+ | < | ||
+ | |||
+ | ... | ||
+ | # Number of database checks per day. | ||
+ | # Default: 12 (every two hours) | ||
+ | # Django 17.05.2009 für halbstündlichen Virenpatterndatenbankcheck | ||
+ | Checks 48 | ||
+ | ... | ||
+ | </ | ||
+ | === erster Programmstart === | ||
+ | Unseren Updatemechanismus **freshclam-daemon** starten wir wie gewohnt mit: | ||
+ | # service freshclamd start | ||
+ | | ||
+ | Im Logfile // | ||
+ | < | ||
+ | -------------------------------------- | ||
+ | freshclam daemon 0.95.1 (OS: linux-gnu, ARCH: i386, CPU: i386) | ||
+ | ClamAV update process started at Sun May 17 22:15:13 2009 | ||
+ | Downloading main-51.cdiff [100%] | ||
+ | main.cld updated (version: 51, sigs: 545035, f-level: 42, builder: sven) | ||
+ | WARNING: getfile: daily-9214.cdiff not found on remote server (IP: 193.27.50.222) | ||
+ | WARNING: getpatch: Can't download daily-9214.cdiff from db.de.clamav.net | ||
+ | Trying host db.de.clamav.net (213.174.32.130)... | ||
+ | WARNING: getfile: daily-9214.cdiff not found on remote server (IP: 213.174.32.130) | ||
+ | WARNING: getpatch: Can't download daily-9214.cdiff from db.de.clamav.net | ||
+ | Trying host db.de.clamav.net (212.1.60.18)... | ||
+ | WARNING: getfile: daily-9214.cdiff not found on remote server (IP: 212.1.60.18) | ||
+ | WARNING: getpatch: Can't download daily-9214.cdiff from db.de.clamav.net | ||
+ | WARNING: Incremental update failed, trying to download daily.cvd | ||
+ | Trying host db.de.clamav.net (130.133.110.67)... | ||
+ | Downloading daily.cvd [100%] | ||
+ | daily.cvd updated (version: 9365, sigs: 5249, f-level: 42, builder: mcichosz) | ||
+ | Database updated (550284 signatures) from db.de.clamav.net (IP: 130.133.110.67) | ||
+ | --------------------------------------</ | ||
+ | === automatisches Starten des Daemon beim Systemstart === | ||
+ | Damit nun unser freshcam-Daemon beim Booten automatisch gestartet wird, nehmen wir noch folgende Konfigurationsschritte vor. | ||
+ | # chkconfig freshclamd on | ||
+ | Anschließend überprüfen wir noch unsere Änderung: | ||
+ | # chkconfig --list | grep freshclamd | ||
+ | | ||
+ | ===== clamav Start ===== | ||
+ | Da unsere Virendatenbank nun uptodate ist können wir den clamav-Daemon nun ohne Fehlermeldung starten: | ||
+ | # service clamd start | ||
+ | | ||
+ | Im Logfile **/// | ||
+ | < | ||
+ | Sun May 17 22:20:12 2009 -> clamd daemon 0.99.1 (OS: linux-gnu, ARCH: i386, CPU: i386) | ||
+ | Sun May 17 22:20:12 2009 -> Running as user clamav (UID 101, GID 105) | ||
+ | Sun May 17 22:20:12 2009 -> Log file size limit disabled. | ||
+ | Sun May 17 22:20:12 2009 -> Reading databases from /var/clamav | ||
+ | Sun May 17 22:20:12 2009 -> Not loading PUA signatures. | ||
+ | Sun May 17 22:20:13 2009 -> Loaded 549731 signatures. | ||
+ | Sun May 17 22:20:13 2009 -> TCP: Bound to address 127.0.0.1 on port 3310 | ||
+ | Sun May 17 22:20:13 2009 -> TCP: Setting connection queue length to 30 | ||
+ | Sun May 17 22:20:13 2009 -> LOCAL: Unix socket file / | ||
+ | Sun May 17 22:20:13 2009 -> LOCAL: Setting connection queue length to 30 | ||
+ | Sun May 17 22:20:13 2009 -> Limits: Global size limit set to 104857600 bytes. | ||
+ | Sun May 17 22:20:13 2009 -> Limits: File size limit set to 26214400 bytes. | ||
+ | Sun May 17 22:20:13 2009 -> Limits: Recursion level limit set to 16. | ||
+ | Sun May 17 22:20:13 2009 -> Limits: Files limit set to 10000. | ||
+ | Sun May 17 22:20:13 2009 -> Archive support enabled. | ||
+ | Sun May 17 22:20:13 2009 -> Algorithmic detection enabled. | ||
+ | Sun May 17 22:20:13 2009 -> Portable Executable support enabled. | ||
+ | Sun May 17 22:20:13 2009 -> ELF support enabled. | ||
+ | Sun May 17 22:20:13 2009 -> Detection of broken executables enabled. | ||
+ | Sun May 17 22:20:13 2009 -> Mail files support enabled. | ||
+ | Sun May 17 22:20:13 2009 -> OLE2 support enabled. | ||
+ | Sun May 17 22:20:13 2009 -> PDF support enabled. | ||
+ | Sun May 17 22:20:13 2009 -> HTML support enabled. | ||
+ | Sun May 17 22:20:13 2009 -> Self checking every 600 seconds. | ||
+ | </ | ||
+ | ===== manueller Scanlauf ===== | ||
+ | ==== clamscan ==== | ||
+ | Um auf der Konsole ein Verzeichnis zu scannen rufen wir einfach **clamscan** auf: | ||
+ | < | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | |||
+ | ----------- SCAN SUMMARY ----------- | ||
+ | Known viruses: 549731 | ||
+ | Engine version: 0.95.1 | ||
+ | Scanned directories: | ||
+ | Scanned files: 6 | ||
+ | Infected files: 1 | ||
+ | Data scanned: 0.00 MB | ||
+ | Data read: 0.00 MB (ratio 0.00:1) | ||
+ | Time: 1.047 sec (0 m 1 s)</ | ||
+ | In dem oben genannten Beispiel wurde eine Datei bemängelt, in der sich die **// | ||
+ | <WRAP round important> | ||
+ | |||
+ | < | ||
+ | </ | ||
+ | |||
+ | ==== clamtk ==== | ||
+ | Alternativ kann man auch das Programm **clamtk** einem **GUI**((Graphical User Interface)) nutzen. | ||
+ | |||
+ | |||
+ | {{ : | ||
+ | |||
+ | |||
+ | ===== automatischer Scanlauf ===== | ||
+ | ==== virusscan ==== | ||
+ | Wollen wir einen automatischen Scan-Lauf eines Verzeichnisses in regelmäßigen Abständen vornehmen, bedienen wir uns eines einfachen Shell-Scripts. | ||
+ | |||
+ | Im Verzeichnis **/ | ||
+ | |||
+ | # vim / | ||
+ | |||
+ | <file bash virusscan> | ||
+ | #!/bin/bash | ||
+ | |||
+ | ############################################################################## | ||
+ | # Script-Name : virusscan | ||
+ | # Description : CLamAV-Scan for a directory. When a virus was found a e-Mail # | ||
+ | # will be send to the Administration. | ||
+ | # # | ||
+ | # Last update : 19.10.2009 | ||
+ | # Version | ||
+ | ############################################################################## | ||
+ | |||
+ | ############################################################################## | ||
+ | # H I S T O R Y # | ||
+ | ############################################################################## | ||
+ | # Version | ||
+ | # Description : initial release | ||
+ | # -------------------------------------------------------------------------- # | ||
+ | ############################################################################## | ||
+ | |||
+ | # Source function library. | ||
+ | . / | ||
+ | |||
+ | # Source variable declarations. | ||
+ | SCAN_DIRECTORY="/ | ||
+ | SCAN_TEMP_FILE="/ | ||
+ | HOST=$(hostname) | ||
+ | MAIL="/ | ||
+ | MAIL_TO=" | ||
+ | |||
+ | |||
+ | ############################################################################## | ||
+ | # Check if temp file exist, and delete them. # | ||
+ | ############################################################################## | ||
+ | if [ -e " | ||
+ | echo -n $" | ||
+ | `rm $SCAN_TEMP_FILE -f` | ||
+ | # Check if delete of temp file was successful. | ||
+ | if [ " | ||
+ | failure; echo | ||
+ | exit 3 | ||
+ | else | ||
+ | success; echo | ||
+ | fi | ||
+ | fi | ||
+ | |||
+ | ############################################################################## | ||
+ | # Scan a directory recursly. | ||
+ | ############################################################################## | ||
+ | echo -n $" | ||
+ | |||
+ | / | ||
+ | if [ " | ||
+ | failure; echo | ||
+ | echo " | ||
+ | exit 4 | ||
+ | else | ||
+ | success; echo | ||
+ | fi | ||
+ | |||
+ | ############################################################################## | ||
+ | # Check if a virus was found, and send a e-Mail if true. # | ||
+ | ############################################################################## | ||
+ | echo -n $" | ||
+ | |||
+ | if [ -n "`grep FOUND $SCAN_TEMP_FILE`" | ||
+ | warning; echo | ||
+ | cat ${SCAN_TEMP_FILE} | ${MAIL} -s "!!! VIRUS GEFUNDEN @ ${HOST} !!!" ${MAIL_TO} | ||
+ | else | ||
+ | success; echo | ||
+ | fi | ||
+ | |||
+ | # End of script; | ||
+ | exit 0 | ||
+ | </ | ||
+ | Möchten wir einzelne Verzeichnisse nur teilweise, oder auch mehrere verschiedene Verzeichnisse scannen, so nutzen wir einfach eine klein wenig erweiterte Version des vorgenannten Scriptes. | ||
+ | |||
+ | <file bash / | ||
+ | #!/bin/bash | ||
+ | |||
+ | ############################################################################## | ||
+ | # Script-Name : virusscan.sh | ||
+ | # Description : Automatisierter CLamAV-Scan für Verzeichnisse. | ||
+ | # Sollte ein Virus gefunden werden, wird der System- | ||
+ | # | ||
+ | # # | ||
+ | # Last update : 17.06.2011 | ||
+ | # Version | ||
+ | ############################################################################## | ||
+ | |||
+ | ############################################################################## | ||
+ | # H I S T O R Y # | ||
+ | ############################################################################## | ||
+ | # -------------------------------------------------------------------------- # | ||
+ | # Version | ||
+ | # Description : Umstellung auf einzeln zu definierende Scanbereiche | ||
+ | # -------------------------------------------------------------------------- # | ||
+ | # Version | ||
+ | # Description : initiale Version mit Definition eines einzelnen | ||
+ | # | ||
+ | ############################################################################## | ||
+ | |||
+ | # Source function library. | ||
+ | . / | ||
+ | |||
+ | # Source variable declarations. | ||
+ | ARRAY=( "/ | ||
+ | "/ | ||
+ | "/ | ||
+ | "/ | ||
+ | SCAN_DIRECTORY="/ | ||
+ | SCAN_TEMP_FILE="/ | ||
+ | HOST=$(hostname) | ||
+ | MAIL="/ | ||
+ | MAIL_TO=" | ||
+ | |||
+ | ############################################################################## | ||
+ | # Check if dms directory is mounted via DRBD # | ||
+ | ############################################################################## | ||
+ | #if [ ! -d " | ||
+ | # echo -n $" | ||
+ | # success; echo | ||
+ | # exit 2 | ||
+ | #fi | ||
+ | |||
+ | ############################################################################## | ||
+ | # Check if temp file exist, and delete them. # | ||
+ | ############################################################################## | ||
+ | if [ -e " | ||
+ | echo -n $" | ||
+ | `rm $SCAN_TEMP_FILE -f` | ||
+ | touch $SCAN_TEMP_FILE | ||
+ | # Check if delete of temp file was successful. | ||
+ | if [ " | ||
+ | failure; echo | ||
+ | exit 3 | ||
+ | else | ||
+ | success; echo | ||
+ | fi | ||
+ | fi | ||
+ | |||
+ | ############################################################################## | ||
+ | # Scan a directory recursly. | ||
+ | ############################################################################## | ||
+ | ELEMENTS=${# | ||
+ | echo $" | ||
+ | |||
+ | for (( i=0; | ||
+ | echo -n $" | ||
+ | / | ||
+ | if [ " | ||
+ | failure; echo | ||
+ | echo " | ||
+ | exit 4 | ||
+ | else | ||
+ | success; echo | ||
+ | fi | ||
+ | done | ||
+ | |||
+ | #echo -n $" | ||
+ | # | ||
+ | #/ | ||
+ | #if [ " | ||
+ | # failure; echo | ||
+ | # echo " | ||
+ | # exit 4 | ||
+ | #else | ||
+ | # success; echo | ||
+ | #fi | ||
+ | |||
+ | ############################################################################## | ||
+ | # Check if a virus was found, and send a e-Mail if true. # | ||
+ | ############################################################################## | ||
+ | echo -n $" | ||
+ | |||
+ | if [ -n "`grep FOUND $SCAN_TEMP_FILE`" | ||
+ | warning; echo | ||
+ | grep FOUND ${SCAN_TEMP_FILE} | ${MAIL} -s "!!! VIRUS GEFUNDEN @ ${HOST}!!!" | ||
+ | # cat ${SCAN_TEMP_FILE} | ${MAIL} -s "!!! VIRUS GEFUNDEN @ ${HOST} !!!" ${MAIL_TO} | ||
+ | else | ||
+ | success; echo | ||
+ | fi | ||
+ | |||
+ | # End of script; | ||
+ | exit 0 | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | |||
+ | Anschließend setzen wir nun die e**X**ecutable-Dateiberechtigungen unseres shell-scriptes. | ||
+ | # chmod +x / | ||
+ | |||
+ | Damit nun das oder die gewählten Verzeichnisse regelmäßig gescannt werden, brauchen wir lediglich einen symbolischen link in das gewünschte Verzeichnis **/ | ||
+ | # ln -s / | ||
+ | Wollen wir 1x am Tag den Scanvorgang anstoßen lautet der Aufruf entsprechend: | ||
+ | # ln -s / | ||
+ | ====== Links ====== | ||
+ | * **[[wiki: | ||
+ | * **[[http:// | ||
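Review bot: In both virusscan scripts the temp-file cleanup runs `rm $SCAN_TEMP_FILE -f` inside backticks with the variable unquoted, so the shell tries to execute rm's output as a command and the path is subject to word splitting and globbing. Call it directly as `rm -f -- "$SCAN_TEMP_FILE"`. The same scripts test for hits with `[ -n ...grep FOUND $SCAN_TEMP_FILE... ]`; `grep -q FOUND "$SCAN_TEMP_FILE"` expresses that without capturing output. In the freshclam update script and the freshclamd init script, `chown clamav.clamav` uses the deprecated dot separator; prefer `clamav:clamav`. The init script passes `-c 48` while freshclam's configuration also sets `Checks 48`; keep the value in one place so the two cannot drift apart. Documentation points: the clamd log sample reports `clamd daemon 0.99.1` with a May 2009 timestamp, while the freshclam log and the clamscan summary on the same page show 0.95.1, so the samples should come from one version. The heading "freshlam Konfiguration" and the word "freshcam-Daemon" should read freshclam.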
+ | |||