Installazione Clamav in Debian: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
|||
| Line 56: | Line 56: | ||
* Riattivare il daemon di aggiornamento | * Riattivare il daemon di aggiornamento | ||
sudo /etc/init.d/clamav-freshclam start | sudo /etc/init.d/clamav-freshclam start | ||
=Test Clamav= | |||
* Installare i test files: | |||
sudo apt-get install clamav-testfiles | |||
clamscan /usr/share/clamav-testfiles/ | |||
<pre> | |||
----------- SCAN SUMMARY ----------- | |||
Known viruses: 8484890 | |||
Engine version: 0.99.2 | |||
Scanned directories: 1 | |||
Scanned files: 46 | |||
Infected files: 46 | |||
Data scanned: 13.76 MB | |||
Data read: 6.21 MB (ratio 2.22:1) | |||
Time: 23.877 sec (0 m 23 s) | |||
</pre> | |||
* Verificare se utilizza le firme di Safebrowsing: | |||
<pre> | |||
cat > /tmp/test-safebrowsing <<EOFile | |||
Return-Path: <username@example.com> | |||
Delivered-To: <destination@example.com> | |||
Received: from servername.example.com | |||
by servername.example.com (Dovecot) with LMTP id xI3QK3XIrVjAYAAA25iMvQ | |||
for <destination@example.com>; Wed, 22 Feb 2017 18:20:53 +0100 | |||
Date: Wed, 22 Feb 2017 18:20:58 +0100 | |||
To: destination@example.com | |||
From: username@example.com | |||
Subject: test Wed, 22 Feb 2017 18:20:58 +0100 | |||
X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/ | |||
Message-Id: <20170222172053.A4DFADEAEA@servername.example.com> | |||
http://www.ianfette.org/ | |||
EOFile | |||
</pre> | |||
clamscan -v /tmp/test-safebrowsing | |||
<pre> | |||
Scanning /tmp/test-safebrowsing | |||
/tmp/test-safebrowsing: Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net FOUND | |||
----------- SCAN SUMMARY ----------- | |||
Known viruses: 8484890 | |||
Engine version: 0.99.2 | |||
Scanned directories: 0 | |||
Scanned files: 1 | |||
Infected files: 1 | |||
Data scanned: 0.00 MB | |||
Data read: 0.00 MB (ratio 0.00:1) | |||
Time: 41.610 sec (0 m 41 s) | |||
</pre> | |||
* Rimuovere i testfiles: | |||
sudo apt-get remove --purge clamav-testfiles | |||
= Installazione decompressori = | = Installazione decompressori = | ||
| Line 63: | Line 123: | ||
==Debian >= Wheezy== | ==Debian >= Wheezy== | ||
sudo apt-get install unrar arj unzip unace-nonfree | sudo apt-get install unrar arj unzip unace-nonfree | ||
=Riferimenti= | |||
*[https://sdeziel.info/postfix.html Postfix guide] | |||
Revision as of 12:04, 23 February 2017
Installazione
Debian Squeeze
- Aggiungere la fonte, se non già presente:
sudoedit /etc/apt/sources.list
... deb http://ftp.it.debian.org/debian squeeze-updates main contrib non-free deb http://security.debian.org/ squeeze/updates main contrib non-free ...
- Installare
sudo apt-get update && \ sudo apt-get dist-upgrade && \ sudo apt-get install clamav-daemon libclamunrar6
Debian >= Wheezy
- Installare
sudo apt-get update && \ sudo apt-get dist-upgrade && \ sudo apt-get install clamav clamav-daemon libclamunrar7
Configurazione
- Per il funzionamento con amavis, impostare:
sudoedit /etc/clamav/clamd.conf
AllowSupplementaryGroups true
- Altrimenti la scansione di amavis fallisce con clamd, e si ottiene l'errore:
Mar 11 18:59:40 myserver amavis[18226]: (18226-03) (!)run_av (ClamAV-clamd) FAILED - unexpected , output="/var/lib/amavis/tmp/amavis-20160311T185044-18226-VIje1ebd/parts: lstat() failed: Permission denied. ERROR\n"
- Impostare lo scaricamento delle signatures di Google Safebrowsing per i siti di Phishing e malware:
sudoedit /etc/clamav/freshclam.conf
SafeBrowsing Yes
- Riavviare clamav-daemon:
sudo /etc/init.d/clamav-daemon stop; sudo /etc/init.d/clamav-daemon start
- Se necessario, impostare un proxy per lo scaricamento degli aggiornamenti:
sudoedit /etc/clamav/freshclam.conf
HTTPProxyServer proxy.metrica.priv HTTPProxyPort 3128
- Fermare il daemon di aggiornamento
sudo /etc/init.d/clamav-freshclam stop
- Aggiornare il database, e verificare che scarichi anche le firme di Google Safebrowsing:
sudo freshclam -v
- Riattivare il daemon di aggiornamento
sudo /etc/init.d/clamav-freshclam start
Test Clamav
- Installare i test files:
sudo apt-get install clamav-testfiles
clamscan /usr/share/clamav-testfiles/
----------- SCAN SUMMARY ----------- Known viruses: 8484890 Engine version: 0.99.2 Scanned directories: 1 Scanned files: 46 Infected files: 46 Data scanned: 13.76 MB Data read: 6.21 MB (ratio 2.22:1) Time: 23.877 sec (0 m 23 s)
- Verificare se utilizza le firme di Safebrowsing:
cat > /tmp/test-safebrowsing <<EOFile Return-Path: <username@example.com> Delivered-To: <destination@example.com> Received: from servername.example.com by servername.example.com (Dovecot) with LMTP id xI3QK3XIrVjAYAAA25iMvQ for <destination@example.com>; Wed, 22 Feb 2017 18:20:53 +0100 Date: Wed, 22 Feb 2017 18:20:58 +0100 To: destination@example.com From: username@example.com Subject: test Wed, 22 Feb 2017 18:20:58 +0100 X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/ Message-Id: <20170222172053.A4DFADEAEA@servername.example.com> http://www.ianfette.org/ EOFile
clamscan -v /tmp/test-safebrowsing
Scanning /tmp/test-safebrowsing /tmp/test-safebrowsing: Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net FOUND ----------- SCAN SUMMARY ----------- Known viruses: 8484890 Engine version: 0.99.2 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 41.610 sec (0 m 41 s)
- Rimuovere i testfiles:
sudo apt-get remove --purge clamav-testfiles
Installazione decompressori
Debian Squeeze
sudo apt-get install unrar arj unzip unace
Debian >= Wheezy
sudo apt-get install unrar arj unzip unace-nonfree