Sunday, June 10, 2018

clamav: (only a trial, no warranty)

This is my first experience with clamav,
so this may include some mistakes!

https://wiki.manjaro.org/index.php?title=ClamAV is a very good reference.

The detection rate of the free version of Kingsoft's antivirus is 99.5%.

Skilled malicious virus developers create new, extremely malicious viruses that are not caught by that kind of antivirus.
Therefore, anything that fights viruses by immunity will still get infected by a new virus.
Fundamentally, I think you first have to train your own body so that it does not get infected by viruses even without a vaccine.
In this respect, too, I find myself captivated by OpenBSD.


1) On OpenBSD
clamav


./comment-out.bat /etc/freshclam.conf
DatabaseMirror database.clamav.net

freshclam -v

./comment-out.bat /etc/clamd.conf
LogFile /var/log/clamd.log
LogFileMaxSize 2M
LogRotate yes
LocalSocket /tmp/clamd.socket
User _clamav

MaxRecursion 12




ls -l /var/log/clamd.log
-rw-r--r--  1 _clamav  _clamav  3138 Jun 10 13:56 /var/log/clamd.log


./comment-out.bat /etc/rc.local
/etc/rc.d/cupsd restart
/etc/rc.d/freshclam -f restart
/etc/rc.d/clamd -f restart

# ps ax | grep clam
38003 ??  Is      0:00.02 /usr/local/bin/freshclam -d
31696 ??  Is      0:00.06 /usr/local/sbin/clamd
65693 p0  R+/1    0:00.00 grep clam


curl https://www.eicar.org/download/eicar.com.txt | clamscan -
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    68  100    68    0     0      8      0  0:00:08  0:00:08 --:--:--    18
stdin: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 6543598
Engine version: 0.99.4
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 15.854 sec (0 m 15 s)


clamscan
----------- SCAN SUMMARY -----------
Known viruses: 6543598
Engine version: 0.99.4
Scanned directories: 791
Scanned files: 24016
Infected files: 0
Data scanned: 1342.93 MB
Data read: 20163.23 MB (ratio 0.07:1)
Time: 496.244 sec (8 m 16 s)
bsd# cat /var/log/clamd.log
+++ Started at Sun Jun 10 13:49:39 2018
Received 0 file descriptor(s) from systemd.
ERROR: Please define server type (local and/or TCP).
+++ Started at Sun Jun 10 13:51:03 2018
Received 0 file descriptor(s) from systemd.
clamd daemon 0.99.4 (OS: openbsd6.3, ARCH: x86_64, CPU: x86_64)
Running as user _clamav (UID 539, GID 539)
Log file size limited to 1048576 bytes.
Reading databases from /var/db/clamav
Not loading PUA signatures.
Bytecode: Security mode set to "TrustSigned".
Loaded 6542959 signatures.
LOCAL: Unix socket file /tmp/clamd.socket
LOCAL: Setting connection queue length to 200
Limits: Global size limit set to 104857600 bytes.
Limits: File size limit set to 26214400 bytes.
Limits: Recursion level limit set to 12.
Limits: Files limit set to 10000.
Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Limits: MaxScriptNormalize limit set to 5242880 bytes.
Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Limits: MaxPartitions limit set to 50.
Limits: MaxIconsPE limit set to 100.
Limits: MaxRecHWP3 limit set to 16.
Limits: PCREMatchLimit limit set to 10000.
Limits: PCRERecMatchLimit limit set to 5000.
Limits: PCREMaxFileSize limit set to 26214400.
Archive support enabled.
Algorithmic detection enabled.
Portable Executable support enabled.
ELF support enabled.
Mail files support enabled.
OLE2 support enabled.
PDF support enabled.
SWF support enabled.
HTML support enabled.
XMLDOCS support enabled.
HWP3 support enabled.
Self checking every 600 seconds.
Set stacksize to 1048576
--- Stopped at Sun Jun 10 13:53:23 2018
Socket file removed.
+++ Started at Sun Jun 10 13:55:30 2018
Received 0 file descriptor(s) from systemd.
clamd daemon 0.99.4 (OS: openbsd6.3, ARCH: x86_64, CPU: x86_64)
Running as user _clamav (UID 539, GID 539)
Log file size limited to 1048576 bytes.
Reading databases from /var/db/clamav
Not loading PUA signatures.
Bytecode: Security mode set to "TrustSigned".
Loaded 6543598 signatures.
LOCAL: Unix socket file /tmp/clamd.socket
LOCAL: Setting connection queue length to 200
Limits: Global size limit set to 104857600 bytes.
Limits: File size limit set to 26214400 bytes.
Limits: Recursion level limit set to 12.
Limits: Files limit set to 10000.
Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Limits: MaxScriptNormalize limit set to 5242880 bytes.
Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Limits: MaxPartitions limit set to 50.
Limits: MaxIconsPE limit set to 100.
Limits: MaxRecHWP3 limit set to 16.
Limits: PCREMatchLimit limit set to 10000.
Limits: PCRERecMatchLimit limit set to 5000.
Limits: PCREMaxFileSize limit set to 26214400.
Archive support enabled.
Algorithmic detection enabled.
Portable Executable support enabled.
ELF support enabled.
Mail files support enabled.
OLE2 support enabled.
PDF support enabled.
SWF support enabled.
HTML support enabled.
XMLDOCS support enabled.
HWP3 support enabled.
Self checking every 600 seconds.
Set stacksize to 1048576
SelfCheck: Database status OK.



However,
24153 _clamav    2    0  565M  528M sleep/3   poll      0:20  0.00% clamd
as this shows, clamd eats as much as 528M of memory, so on a PC with little memory it is a burden!





2) On Arch Linux
clamav-freshclam.service

clamav-daemon.service

./comment-out.bat /etc/clamav/clamd.conf
LogFile /var/log/clamav/clamd.log
LogTime yes
PidFile /run/clamav/clamd.pid
TemporaryDirectory /tmp
LocalSocket /run/clamav/clamd.ctl
User clamav

touch /run/clamav/clamd.ctl
ls -l /run/clamav/clamd.ctl
srw-rw-rw- 1 clamav clamav 0 Jun 10 14:13 /run/clamav/clamd.ctl


./comment-out.bat /etc/clamav/freshclam.conf
UpdateLogFile /var/log/clamav/freshclam.log
PidFile /run/clamav/freshclam.pid
DatabaseMirror database.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd /etc/clamav/clamd.conf
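As an added example (not code from the original post), the following Python script talks to clamd directly over the LocalSocket paths configured above (/tmp/clamd.socket on OpenBSD, /run/clamav/clamd.ctl on Arch Linux), using clamd's own zVERSION and zINSTREAM commands, and streams the same 68-byte EICAR test string that the curl | clamscan test used, so the daemon (not just clamscan) can be verified end to end; the 30-second timeout and 2 KiB chunk size are my own choices.

```python
import socket
import struct

# Socket paths exactly as the post configures them (OpenBSD, then Arch Linux).
SOCKET_PATHS = ("/tmp/clamd.socket", "/run/clamav/clamd.ctl")
# The public 68-byte EICAR test string, the same content the post fetches with curl.
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

def instream_request(data: bytes, chunk_size: int = 2048) -> bytes:
    """Build one complete zINSTREAM request: NUL-terminated command, then
    chunks each prefixed by a 4-byte big-endian length, then a zero-length chunk."""
    out = bytearray(b"zINSTREAM\0")
    for i in range(0, len(data), chunk_size):
        part = data[i:i + chunk_size]
        out += struct.pack(">I", len(part)) + part
    out += struct.pack(">I", 0)  # end-of-stream marker
    return bytes(out)

def parse_scan_reply(reply: bytes):
    """'stream: Eicar-Test-Signature FOUND\\0' -> ('FOUND', 'Eicar-Test-Signature'),
    'stream: OK\\0' -> ('OK', None); anything else (limits, I/O) -> ('ERROR', text)."""
    text = reply.rstrip(b"\0\n").decode(errors="replace")
    _, _, verdict = text.partition(": ")
    if verdict == "OK":
        return ("OK", None)
    if verdict.endswith(" FOUND"):
        return ("FOUND", verdict[: -len(" FOUND")])
    return ("ERROR", verdict or text)

def clamd_request(path: str, payload: bytes) -> bytes:
    """Send one request on the LocalSocket; clamd closes the connection after replying."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock:
        sock.settimeout(30)
        sock.connect(path)
        sock.sendall(payload)
        chunks = []
        while buf := sock.recv(4096):
            chunks.append(buf)
    return b"".join(chunks)

def scan_bytes(path: str, data: bytes):
    return parse_scan_reply(clamd_request(path, instream_request(data)))

if __name__ == "__main__":
    for path in SOCKET_PATHS:
        try:
            version = clamd_request(path, b"zVERSION\0").rstrip(b"\0").decode()
            print(path, version, scan_bytes(path, EICAR))
        except OSError as exc:
            print(path, "not reachable:", exc)
```

Run it as a user that may connect to the socket (the post's configs run clamd as _clamav / clamav); a healthy daemon answers the EICAR stream with ('FOUND', 'Eicar-Test-Signature'), matching the "Eicar-Test-Signature FOUND" line clamscan printed.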





A) https://www.virustotal.com/#/home/upload

Analyze suspicious files and URLs to detect types of malware
