clamav – open source antivirus solution
ClamAV is an open source (GPL) antivirus designed to detect Trojans, viruses, malware and other malicious threats on Linux. This article walks through installing it step by step.
Install the clamav engine
Run the following commands from your terminal
# apt-get purge -y clamav-unofficial-sigs
# apt-get update && apt-get install -y clamav-base clamav-freshclam clamav clamav-daemon
# mkdir -p /usr/local/sbin/
# wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/clamav-unofficial-sigs.sh -O /usr/local/sbin/clamav-unofficial-sigs.sh && chmod 755 /usr/local/sbin/clamav-unofficial-sigs.sh
# mkdir -p /etc/clamav-unofficial-sigs/
# wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/master.conf -O /etc/clamav-unofficial-sigs/master.conf
# wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/user.conf -O /etc/clamav-unofficial-sigs/user.conf
# wget "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/os/os.debian.conf" -O /etc/clamav-unofficial-sigs/os.conf
Run the following script to make sure there are no errors, and fix any missing dependencies. The script must be run once as superuser to set all permissions and create the relevant directories.
/usr/local/sbin/clamav-unofficial-sigs.sh --force
Install log rotation and the man page
/usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate
/usr/local/sbin/clamav-unofficial-sigs.sh --install-man
Install the unofficial signatures for clamav
Install the clamav-unofficial-sigs services via systemd
mkdir -p /etc/systemd/system/
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/systemd/clamav-unofficial-sigs.service -O /etc/systemd/system/clamav-unofficial-sigs.service
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/systemd/clamav-unofficial-sigs.timer -O /etc/systemd/system/clamav-unofficial-sigs.timer
systemctl enable clamav-unofficial-sigs.service
systemctl enable clamav-unofficial-sigs.timer
systemctl start clamav-unofficial-sigs.timer
clamdscan --multiscan --allmatch --remove --no-summary --fdpass /echange/
clamdscan --multiscan --allmatch --remove --fdpass /echange/
30 20 * * * /usr/bin/clamdscan --multiscan --allmatch --remove --fdpass /echange >> /var/log/clamav/manual_clamscan.log
touch /var/log/clamav/manual_clamscan.log
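The crontab entry above appends the scan output to the log without a timestamp and without recording clamdscan's exit code. The wrapper below is an added example, not part of the original article or of the clamav-unofficial-sigs project; the SCANNER variable and the --run argument are assumptions of this example, while the scan options and paths are the ones used on this page.

```sh
#!/bin/sh
# Added example: wrapper for the nightly clamdscan cron job.
# SCANNER is an override hook assumed by this example so the logic can be
# exercised without a running clamd; the other defaults are the page's paths.
SCAN_DIR="${SCAN_DIR:-/echange}"
LOG="${LOG:-/var/log/clamav/manual_clamscan.log}"
SCANNER="${SCANNER:-/usr/bin/clamdscan}"

# Map clamdscan's exit code to a label: 0 = no virus, 1 = virus found,
# anything else = the scan itself failed (for example clamd not running).
scan_status() {
    case "$1" in
        0) echo CLEAN ;;
        1) echo INFECTED ;;
        *) echo ERROR ;;
    esac
}

# Count "<path>: <signature> FOUND" lines in scanner output read on stdin.
count_found() {
    grep -c ' FOUND$' || true
}

# Run the scan with the page's options, then append a timestamped result
# line followed by the raw scanner output to $LOG. Returns the scanner's
# exit code so cron (or a monitoring check) can react to it.
run_scan() {
    rc=0
    out=$("$SCANNER" --multiscan --allmatch --remove --fdpass "$SCAN_DIR" 2>&1) || rc=$?
    status=$(scan_status "$rc")
    found=$(printf '%s\n' "$out" | count_found)
    {
        printf '%s scan of %s: status=%s exit=%s found=%s\n' \
            "$(date '+%Y-%m-%dT%H:%M:%S%z')" "$SCAN_DIR" "$status" "$rc" "$found"
        printf '%s\n' "$out"
    } >> "$LOG"
    return "$rc"
}

# Only scan when called with --run, e.g. from the crontab entry.
case "${1:-}" in
    --run) run_scan ;;
esac
```

Because --allmatch is set, found counts FOUND lines, so one file matching several signatures is counted more than once.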
References
https://github.com/extremeshok/clamav-unofficial-sigs
https://github.com/extremeshok/clamav-unofficial-sigs/blob/master/guides/ubuntu-debian.md
http://manpages.ubuntu.com/manpages/bionic/man1/clamdscan.1.html