[tomopugh@localhost /]#

Linux 　　« Network | HOME | ターミナルがいかれる！ »

(Cent OS 4.4)

LinuxのVirus Scanってフリーソフトを使うことがおおいけど、初めてフリーソフトじゃなくて製品版のVirus Scanをさわる。
あー、久しぶりにこの会社にいてよかった。って思った☆

Minimum requirements
Linux for Intel 32 bit distributions with 2.4 or 2.6 kernel
libc6 (glibc)
gcc 3.2
libstdc++.so.5

How to install
1. Download the software

2. Move to the directory where has an installation file.

3. Extract
# zcat vlp4510.tar.Z | tar -xf -

4. After create installation directory, install it. (For me, under /opt/virus-scan/)
# ./install-uvscan directory
If I dont specify installation directory, it is automatically installed in /usr/local/uvscan

5. System asks you to create symbolic link automoatically, then yes to all.

6. Remove installation files.

How to use
Basically,
# uvscan options target

add it in crontab for scheduling scan.

Update DAT file
Have to do this regularly when new DAT files are coming.

1. Create download directory

2. Downlaod DAT file
# wget file-location

3. Extract
# tar -xf file

4. Move all DAT file to the installation directory
# mv *.dat directory

Create task file
This can contain only option. Then these option can be called out from this file easily like below.
Benefit is I dont need to memorize options.

# uvscan --load task --file target
or
# uvscan --config task --file target

contents of task file is like this.
# nano task1
-r -options

also target can be mentioned in another file like this.
# nano file_list1
/root
/home
/boot

then run command like below.
# uvscan --load task1 --file file_list1

Options
Scanning options
--config or --load [file]
Run the options specified in [file]
--exclude [file]
Exclude the directories or files from the scan as specified in [file]
--extensions [ext1,ext2,...]
Scan files with these extensions
-f or --file [file]
Scan the directories or files as specified in [file]
--mime
Scan MIME encoded files. (MIME is not scanned by default.)
--one-file-system
Dont not scan mounted files.
-r
Scan including all sub directories. (recursive)
--unzip
Scan inside archive files.

Responce options
-c
Automatically clean any virues from infected files.
--delete
Automatically delete any infected files.
-m [directory]
Move any infected files to quarantine location as specified.
If use this ooption with -c, the program copies the infected files to a quarantine location and tries to clean the original. If the program can not clean the original, it deletes the files.

General options
--summary
Produce a summary of the scan.
-v
Desplay a progress summary during the scan.
--version
Display the scanner's version number.
-h
Display help
--virus-list
Display the name of each virus that the scanner can detect.

Automatic DAT file update

1. Create .netrc file in your home directory.
.netrd file is used for auto FTP login and the info what you wanna do on FTP server.
It is like FTP batch file for Windows.
# touch .netrc

2. Change permission not to show this file to other.
# chmod 600 .netrc

3. Input below in .netrc (What you wanna do on FTP server)
# nano .netrc
machine ftp.nai.com
login anonymous
password email_address
macdef init
cd pub/antivirus/datfiles/4.x
bin
prompt
mget dat-*.tar
close
bye

4. Try to run .netrc
# ftp ftp.nai.com
Then above .netrc file is executed.

What is "macdef init"?
This is needed between login command and acutal FTP command.
One blank line is necessary at the end of FTP command. Then system can recognize as FTP command is end. If you want to add another server info, you can start input after the blank line.

5. Create Shell Script
Create dat_update.sh in the installation directory.
# nano dat_update.sh

#!/bin/bash
# Assume uvscan is installed in the same directory
# as this script.
install_directory=`dirname $0`

# Create a download directory
mkdir /tmp/dat-updates
cd /tmp/dat-updates

# Get the version of the currently installed DAT files
# from the info given by the --version option
current_version=`
$install_directory/uvscan --version |
grep "Virus data file" |
awk '{ print substr($4,2,4) }'`

# Get the new DATs.
# The entry in your .netrc file should take care
# of the downloading.
ftp ftp.nai.com

# Get the version of the new DATs from the file name.
new_version=`echo dat-*.tar | awk '{ print substr($1,5,4) }'`

# If they are the same age or older
# than the current ones,do not install them.
if [ "$current_version" -ge "$new_version" ]
then
echo "No new DATs available at this time"
echo "Currently installed version: $current_version"
echo "Version on FTP site: $new_version"
else
tar -xf dat-*.tar

# Move them to the install directory, making sure
# that the file name is lower case

for file in `tar -tf dat-*.tar`
do
newfile=`echo $file | tr [A-Z] [a-z]`
mv ./$file “$install_directory/$newfile”
done

# Get the current version again and make sure
# that the new DATs installed correctly.
current_version=`

$install_directory/uvscan --version |
grep "Virus data file" |
awk '{ print substr($4,2,4) }'`

if [ ! "$current_version" -eq "$new_version" ]
then
echo "DAT file updates did not work correctly."
echo "Please try manually."
fi
fi

# Delete the directory that you created.
cd /
rm -fr /tmp/dat-updates

# chmod 755 dat_update.sh

add it in crontab for scheduling update.

Comment

Please comment !