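Installing and using the malware detection tool LMD and the antivirus engine ClamAV on Ubuntu
Installation reference: https://yq.aliyun.com/articles/87014
I set cpulimit in the /usr/local/maldetect/conf.maldet configuration file to limit CPU usage.
1. After installing maldetect, running a scan has no effect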
maldet --scan-all /tmp
root@sxs-dev16:~# maldet --scan-all /tmp
Linux Malware Detect v1.6.4
(C) 2002-2019, R-fx Networks <proj@rfxn.com>
(C) 2019, Ryan MacDonald <ryan@rfxn.com>
This program may be freely redistributed under the terms of the GNU GPL v2
maldet(28807): {scan} signatures loaded: 17189 (14367 MD5 | 2039 HEX | 783 YARA | 0 USER)
maldet(28807): {scan} building file list for /tmp, this might take awhile...
maldet(28807): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(28807): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration.
Fix: remove the cpulimit restriction:
sed -i -e 's#scan_cpulimit=".*\?"#scan_cpulimit="0"#' /usr/local/maldetect/conf.maldet
Reference: cpulimit bug in LMD v1.6.4 https://ask.csdn.net/questions/4988055
2. clamscan reports an error when scanning: /usr/local/clamav/bin/clamscan /root
root@sxs-dev02:/srv/wkk# clamscan -v
LibClamAV Error: cl_load(): No such file or directory: /usr/local/clamav/share/clamav
ERROR: Can't get file status
----------- SCAN SUMMARY -----------
Known viruses: 0
Engine version: 0.102.3
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.000 sec (0 m 0 s)
A usable virus database file must be present, and the user and group permissions also need to be set.
# Update the virus database
/usr/local/clamav/bin/freshclam
Parameters: https://blog.csdn.net/liumiaocn/article/details/76577867
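
Both failures above end in a scan that examined nothing, and the clamscan summary still reports "Infected files: 0". The following is an added example, not part of the original note or of either project: a preflight check for the signature directory and a check of scanner output for the two no-op conditions shown above. The function names and the sample text are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Usage (paths as used in this note):
#   clamav_db_ready /usr/local/clamav/share/clamav &&
#     /usr/local/clamav/bin/clamscan /root | scan_output_valid

# Return 0 if DIR holds at least one readable, non-empty ClamAV database
# file (*.cvd or *.cld); otherwise print the reason and return 1.
clamav_db_ready() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "missing database directory: $dir"
        return 1
    fi
    for f in "$dir"/*.cvd "$dir"/*.cld; do
        # An unmatched glob stays literal; -s rejects it and empty files.
        if [ -s "$f" ] && [ -r "$f" ]; then
            return 0
        fi
    done
    echo "no readable .cvd/.cld in $dir (run freshclam, check owner/group)"
    return 1
}

# Read scanner output on stdin; return 1 if the scan checked nothing.
scan_output_valid() {
    out=$(cat)
    case $out in
        *"scan returned empty file list"*)
            echo "maldet: empty file list"; return 1 ;;
        *"LibClamAV Error"*)
            echo "clamscan: engine error"; return 1 ;;
    esac
    # "Known viruses: 0" means clamscan loaded no signatures at all.
    if printf '%s\n' "$out" | grep -Eq '^Known viruses: 0[[:space:]]*$'; then
        echo "clamscan: no signatures loaded"
        return 1
    fi
    return 0
}

# Constructed sample: a summary that looks clean but loaded no signatures.
SAMPLE_EMPTY_SUMMARY='----------- SCAN SUMMARY -----------
Known viruses: 0
Infected files: 0'
```

When the script runs as root the readability test always passes, so run the preflight as the account that performs the scan.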