{"id":37,"date":"2011-09-24T15:20:00","date_gmt":"2011-09-24T06:20:00","guid":{"rendered":"http:\/\/yokensaka.com\/centos\/?p=37"},"modified":"2014-07-19T20:10:28","modified_gmt":"2014-07-19T11:10:28","slug":"%e3%82%a6%e3%82%a3%e3%83%ab%e3%82%b9%e5%af%be%e7%ad%96clam-antivirus","status":"publish","type":"post","link":"http:\/\/yokensaka.com\/centos\/?p=37","title":{"rendered":"\u30a6\u30a3\u30eb\u30b9\u5bfe\u7b56(Clam Antivirus)"},"content":{"rendered":"

Clam Antivirus\u306fGPL\u30e9\u30a4\u30bb\u30f3\u30b9\u306b\u5f93\u3063\u3066\u5229\u7528\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u30aa\u30fc\u30d7\u30f3\u30bd\u30fc\u30b9\u306e\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u3067\u3042\u308a\u3001Linux\u3084BSD\u3001Mac OS X\u306a\u3069\u5404\u7a2eUNIX\u7cfb\u306e\u30b7\u30b9\u30c6\u30e0\u3067\u52d5\u4f5c\u3059\u308b\u30a2\u30f3\u30c1\u30a6\u30a4\u30eb\u30b9\u30bd\u30d5\u30c8\u3002\u3057\u304b\u3057yum\u3067\u306f\u306a\u304b\u306a\u304b\u6700\u65b0\u7248\u306b\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3055\u308c\u306a\u3044\u306e\u3067wget\u3067\u30bd\u30fc\u30b9\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u3053\u3068\u306b\u3059\u308b\u3002
\n\u25a0\u53e4\u3044\u30d0\u30fc\u30b8\u30e7\u30f3\u306eclamav\u304c\u3042\u308b\u5834\u5408\u306f\u30a2\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u3066\u304a\u304f<\/b><\/p>\n

\r\n\u30a2\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u7528\u306b\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3057\u3066\u3042\u3063\u305f\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u5c55\u958b\u3002\r\n[root@server1 ~]# tar zxvf clamav-0.97.1_self.tar.gz\r\nclamav-0.97.1\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3078\u79fb\u52d5\r\n[root@server1 ~]# cd clamav-0.97.1\r\nclamav-0.97.1\u306e\u30a2\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\r\n[root@server1 clamav-0.97.1]# make uninstall\r\nclamav-0.97.1\u306e\u30d5\u30a1\u30a4\u30eb\u3068\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30fc\u3092\u524a\u9664\r\n[root@server1 clamav-0.97.1]# cd\r\n[root@server1 ~]# rm -f clamav-0.97.1_self.tar.gz\r\n[root@server1 ~]# rm -rf clamav-0.97.1\r\n\u53e4\u3044\u30d0\u30fc\u30b8\u30e7\u30f3\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30fc\u306e\u524a\u9664\r\n[root@server1 ~]# rm -rf \/usr\/local\/clamav\r\n<\/pre>\n
\u25a0\u30e6\u30fc\u30b6\u3068\u30b0\u30eb\u30fc\u30d7\u306e\u4f5c\u6210<\/b><\/p>\n
\r\nclamav\u306f\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u524d\u306b\r\n\u300cclamav\u300d\u3068\u3044\u3046\u540d\u524d\u306e\u30e6\u30fc\u30b6\u3068\u30b0\u30eb\u30fc\u30d7\u3092\u4f5c\u6210\u3057\u3066\u304a\u304f\u5fc5\u8981\u304c\u3042\u308b\u3002\r\n[root@server1 ~]# groupadd clamav\r\n[root@server1 ~]# useradd -g clamav -s \/bin\/false clamav\r\n<\/pre>\n
\u25a0\u6700\u65b0\u7248\u306eClamAV\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3000\uff08\u6700\u65b0\u7248\u306f\u516c\u5f0f\u30b5\u30a4\u30c8\u3067\u78ba\u8a8d\u3067\u304d\u308b<\/a>\uff09<\/b><\/p>\n
\r\n[root@server11 ~]# wget http:\/\/downloads.sourceforge.net\/clamav\/clamav-0.97.2.tar.gz\r\n--2011-09-19 18:44:56--  http:\/\/downloads.sourceforge.net\/clamav\/clamav-0.97.2.tar.gz\r\ndownloads.sourceforge.net \u3092DNS\u306b\u554f\u3044\u3042\u308f\u305b\u3066\u3044\u307e\u3059... 216.34.181.59\r\ndownloads.sourceforge.net|216.34.181.59|:80 \u306b\u63a5\u7d9a\u3057\u3066\u3044\u307e\u3059... \u63a5\u7d9a\u3057\u307e\u3057\u305f\u3002\r\nHTTP \u306b\u3088\u308b\u63a5\u7d9a\u8981\u6c42\u3092\u9001\u4fe1\u3057\u307e\u3057\u305f\u3001\u5fdc\u7b54\u3092\u5f85\u3063\u3066\u3044\u307e\u3059... 301 Moved Permanently\r\n\u5834\u6240: http:\/\/downloads.sourceforge.net\/project\/clamav\/clamav\/0.97.2\/clamav-0.97.2.tar.gz [\u7d9a\u304f]\r\n--2011-09-19 18:44:56--  http:\/\/downloads.sourceforge.net\/project\/clamav\/clamav\/0.97.2\/clamav-0.97.2.tar.gz\r\ndownloads.sourceforge.net:80 \u3078\u306e\u63a5\u7d9a\u3092\u518d\u5229\u7528\u3057\u307e\u3059\u3002\r\nHTTP \u306b\u3088\u308b\u63a5\u7d9a\u8981\u6c42\u3092\u9001\u4fe1\u3057\u307e\u3057\u305f\u3001\u5fdc\u7b54\u3092\u5f85\u3063\u3066\u3044\u307e\u3059... 302 Found\r\n\u5834\u6240: http:\/\/jaist.dl.sourceforge.net\/project\/clamav\/clamav\/0.97.2\/clamav-0.97.2.tar.gz [\u7d9a\u304f]\r\n--2011-09-19 18:44:57--  http:\/\/jaist.dl.sourceforge.net\/project\/clamav\/clamav\/0.97.2\/clamav-0.97.2.tar.gz\r\njaist.dl.sourceforge.net \u3092DNS\u306b\u554f\u3044\u3042\u308f\u305b\u3066\u3044\u307e\u3059... 2001:200:141:feed::feed, 150.65.7.130\r\njaist.dl.sourceforge.net|2001:200:141:feed::feed|:80 \u306b\u63a5\u7d9a\u3057\u3066\u3044\u307e\u3059... \u5931\u6557\u3057\u307e\u3057\u305f: \u63a5\u7d9a\u3092\u62d2\u5426\u3055\u308c\u307e\u3057\u305f.\r\njaist.dl.sourceforge.net|150.65.7.130|:80 \u306b\u63a5\u7d9a\u3057\u3066\u3044\u307e\u3059... \u63a5\u7d9a\u3057\u307e\u3057\u305f\u3002\r\nHTTP \u306b\u3088\u308b\u63a5\u7d9a\u8981\u6c42\u3092\u9001\u4fe1\u3057\u307e\u3057\u305f\u3001\u5fdc\u7b54\u3092\u5f85\u3063\u3066\u3044\u307e\u3059... 200 OK\r\n\u9577\u3055: 44703953 (43M) [application\/x-gzip]\r\n`clamav-0.97.2.tar.gz' \u306b\u4fdd\u5b58\u4e2d\r\n100%[=========================================================================>] 44,703,953  15.3M\/s \u6642\u9593 2.8s\r\n2011-09-19 18:45:00 (15.3 MB\/s) - `clamav-0.97.2.tar.gz' \u3078\u4fdd\u5b58\u5b8c\u4e86 [44703953\/44703953]\r\nclamav-0.97.2\u3092\u5c55\u958b\r\n[root@server1 ~]# tar zxvf clamav-0.97.2.tar.gz\r\n\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u305f\u30d5\u30a1\u30a4\u30eb\u3092\u524a\u9664\r\n[root@server1 ~]# rm -f clamav-0.97.2.tar.gz\r\nclamav-0.97.2\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30fc\u3078\u79fb\u52d5\r\n[root@server1 ~]# cd clamav-0.97.2\r\nMakefile\u3092\u81ea\u52d5\u4f5c\u6210\u3059\u308b\u305f\u3081\u306e\u30c4\u30fc\u30eb\u300cconfigure\u300d\u3092\u5b9f\u884c\u3002\r\n[root@server1 clamav-0.97.2]# .\/configure --prefix=\/usr\/local\/clamav\r\n\u9014\u4e2d\u3001zlib-devel \u30d1\u30c3\u30b1\u30fc\u30b8\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u306a\u3044\u3088\u3046\u3067\u30a8\u30e9\u30fc\u306b\u306a\u3063\u305f\u3002\r\nzlib-devel \u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3002\r\n[root@server1 ~]# yum install zlib-devel\r\n\u518d\u5ea6\u300cconfigure\u300d\u3092\u5b9f\u884c\u3002\r\n[root@server1 clamav-0.97.2]# .\/configure --prefix=\/usr\/local\/clamav\r\nmake\u3092\u5b9f\u884c\u3057\u3001clamav\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\r\n[root@server1 clamav-0.97.2]# make\r\n[root@server1 clamav-0.97.2]# make install\r\n<\/pre>\n
\u25a0\u30a2\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u7528\u306b\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3057\u3066\u304a\u304f<\/b><\/p>\n
\r\n[root@server1 clamav-0.97.2]# cd\r\n[root@server1 ~]# tar cvf clamav-0.97.2_self.tar .\/clamav-0.97.2\r\n[root@server1 ~]# gzip clamav-0.97.2_self.tar\r\n<\/pre>\n
\u25a0\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u5909\u66f4<\/b>
\n\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u304c\u6b63\u5e38\u306b\u5b8c\u4e86\u3057\u305f\u3089\u307e\u305a\u3001\u4e8c\u3064\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb
\n\/usr\/local\/clamav\/etc\/freshclam.conf
\n\/usr\/local\/clamav\/etc\/clamd.conf
\n\u3092\u30a8\u30c7\u30a3\u30bf\u3067\u958b\u304dExample\u3068\u66f8\u304b\u308c\u305f\u884c\u3092\u30b3\u30e1\u30f3\u30c8\u30a2\u30a6\u30c8\u3057\u3001\u4fdd\u5b58\u3002<\/p>\n
\r\n[root@server\uff11 ~]# vi \/usr\/local\/clamav\/etc\/freshclam.conf\r\n# Comment or remove the line below.\r\nExample\r\n\u2193\r\n#Example\r\n[root@server\uff11 ~]# vi \/usr\/local\/clamav\/etc\/clamd.conf\r\n# Comment or remove the line below.\r\nExample\r\n\u2193\r\n#Example\r\n<\/pre>\n
\u25a0\u300cfreshclam\u300d\u3092\u4f7f\u7528\u3057\u3066VirusDB\u3092\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8<\/b><\/p>\n
\r\n[root@server1 ~]# \/usr\/local\/clamav\/bin\/freshclam\r\nClamAV update process started at Mon Sep 19 19:24:31 2011\r\nmain.cvd is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)\r\nWARNING: getfile: daily-13357.cdiff not found on remote server (IP: 219.106.242.51)\r\nWARNING: getpatch: Can't download daily-13357.cdiff from database.clamav.net\r\nWARNING: getfile: daily-13357.cdiff not found on remote server (IP: 203.212.42.128)\r\nWARNING: getpatch: Can't download daily-13357.cdiff from database.clamav.net\r\nWARNING: getfile: daily-13357.cdiff not found on remote server (IP: 27.96.54.66)\r\nWARNING: getpatch: Can't download daily-13357.cdiff from database.clamav.net\r\nWARNING: Incremental update failed, trying to download daily.cvd\r\nDownloading daily.cvd [100%]\r\ndaily.cvd updated (version: 13636, sigs: 193983, f-level: 60, builder: arnaud)\r\nDownloading bytecode.cvd [100%]\r\nbytecode.cvd updated (version: 144, sigs: 41, f-level: 60, builder: edwin)\r\nDatabase updated (1040238 signatures) from database.clamav.net (IP: 120.29.176.126)\r\n<\/pre>\n
\u25a0\u30a6\u30a3\u30eb\u30b9\u30b9\u30ad\u30e3\u30f3\u78ba\u8a8d\uff08\/etc\/passwd\u3092\u30b9\u30ad\u30e3\u30f3\u3057\u3066\u307f\u308b\uff09<\/b><\/p>\n
\r\n[root@server1 ~]# \/usr\/local\/clamav\/bin\/clamscan --infected --remove --recursive \/etc\/passwd\r\n----------- SCAN SUMMARY -----------\r\nKnown viruses: 1038820\r\nEngine version: 0.97.2\r\nScanned directories: 0\r\nScanned files: 1\r\nInfected files: 0\r\nData scanned: 0.00 MB\r\nData read: 0.00 MB (ratio 0.00:1)\r\nTime: 8.935 sec (0 m 8 s)\r\nversion: 0.97.2\u3067\u30b9\u30ad\u30e3\u30f3\u3055\u308c\u3066\u308b\u3053\u3068\u3092\u78ba\u8a8d\r\n<\/pre>\n
\u25a0Clam AntiVirus\u306e\u5b9a\u671f\u81ea\u52d5\u5b9f\u884c\u8a2d\u5b9a<\/b><\/p>\n
\r\n\u6bce\u65e5\u81ea\u52d5\u7684\u306b\u30a6\u30a3\u30eb\u30b9\u5b9a\u7fa9\u30d5\u30a1\u30a4\u30eb\u6700\u65b0\u5316\u3057\u3066\u3001\u5168\u3066\u306e\u30d5\u30a1\u30a4\u30eb\u306e\u30a6\u30a3\u30eb\u30b9\u30b9\u30ad\u30e3\u30f3\u3092\u884c\u3046\u30b9\u30d7\u30ea\u30af\u30c8\u306e\u4f5c\u6210\r\n[root@server1 ~]# vi clamscan\r\n#!\/bin\/bash\r\nPATH=\/usr\/bin:\/bin\r\n# excludelist\r\nexcludelist=\/root\/clamscan.exclude\r\nif [ -s $excludelist ]; then\r\nfor i in `cat $excludelist`\r\ndo\r\nif [ $(echo \"$i\"|grep \\\/$) ]; then\r\ni=`echo $i|sed -e 's\/^\\([^ ]*\\)\\\/$\/\\1\/p' -e d`\r\nexcludeopt=\"${excludeopt} --exclude-dir=$i\"\r\nelse\r\nexcludeopt=\"${excludeopt} --exclude=$i\"\r\nfi\r\ndone\r\nfi\r\nCLAMSCANTMP=`mktemp`\r\n\/usr\/local\/clamav\/bin\/freshclam > \/dev\/null\r\n\/usr\/local\/clamav\/bin\/clamscan --recursive --remove ${excludeopt} \/ > $CLAMSCANTMP 2>&1\r\n[ ! -z \"$(grep FOUND$ $CLAMSCANTMP)\" ] && \\\r\ngrep FOUND$ $CLAMSCANTMP | mail -s \"Virus Found in `hostname`\" root\r\nrm -f $CLAMSCANTMP\r\n<\/pre>\n
\u25a0Clam AntiVirus\u5b9a\u671f\u81ea\u52d5\u5b9f\u884c\u30b9\u30af\u30ea\u30d7\u30c8\u306b\u5b9f\u884c\u6a29\u9650\u4ed8\u52a0<\/b><\/p>\n
\r\n[root@server1 ~]# chmod 700 clamscan\r\n<\/pre>\n
\u25a0cron\u7de8\u96c6<\/b><\/p>\n
\r\n[root@server1 ~]# crontab -e\r\n00 03 * * * \/root\/clamscan\u3000\u2190\u3000\u8ffd\u52a0(\u6bce\u65e53:00\u306bClam AntiVirus\u306e\u5b9a\u671f\u81ea\u52d5\u5b9f\u884c)<\/pre>\n
\u25a0\u30b9\u30ad\u30e3\u30f3\u9664\u5916\u8a2d\u5b9a<\/b><\/p>\n
\/backup\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3068\/sys\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u30b9\u30ad\u30e3\u30f3\u5bfe\u8c61\u5916\u306b\u3059\u308b\u3088\u3046\u306b\u8a2d\u5b9a\r\n[root@server1 ~]# echo \"\/backup\/\" >> clamscan.exclude\r\n[root@server1 ~]# echo \"\/sys\/\" >> clamscan.exclude\r\n<\/pre>\n
\u25b2 \u30da\u30fc\u30b8\u30c8\u30c3\u30d7\u3078<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"
Clam Antivirus\u306fGPL\u30e9\u30a4\u30bb\u30f3\u30b9\u306b\u5f93\u3063\u3066\u5229\u7528\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u308b\u30aa\u30fc\u30d7 … \u7d9a\u304d\u3092\u8aad\u3080 →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-37","post","type-post","status-publish","format-standard","hentry","category-clam-antivirus"],"_links":{"self":[{"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=\/wp\/v2\/posts\/37","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=37"}],"version-history":[{"count":1,"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=\/wp\/v2\/posts\/37\/revisions"}],"predecessor-version":[{"id":230,"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=\/wp\/v2\/posts\/37\/revisions\/230"}],"wp:attachment":[{"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=37"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=37"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/yokensaka.com\/centos\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=37"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}