Otomatik ClamAv Scan

ClamAv ile otomatik tarama yapıp sonuçları mail atmak için uygulayabilirsiniz.

İlk Önce ClamAv Kuruyoruz,  Whm Cpanel kullananlar kurulum işlemini panelden yapabilirler.

[sourcecode language=”powershell”]

yum install clamav clamav-db clamd
/etc/init.d/clamd start

[/sourcecode]

 

Günlük tarama

[sourcecode language=”powershell”]
emacs /etc/cron.daily/clamscan_daily
[/sourcecode]

[sourcecode language=”powershell”]
#!/bin/bash

# email subject
SUBJECT=”VIRUS DETECTED ON `hostname`!!!”
# Email To ?
EMAIL=”me@domain.com”
# Log location
LOG=/var/log/clamav/scan.log

check_scan () {

# Check the last set of results. If there are any “Infected” counts that aren’t zero, we have a problem.
if [ `tail -n 12 ${LOG} | grep Infected | grep -v 0 | wc -l` != 0 ]
then
EMAILMESSAGE=`mktemp /tmp/virus-alert.XXXXX`
echo “To: ${EMAIL}” >> ${EMAILMESSAGE}
echo “From: alert@domain.com” >> ${EMAILMESSAGE}
echo “Subject: ${SUBJECT}” >> ${EMAILMESSAGE}
echo “Importance: High” >> ${EMAILMESSAGE}
echo “X-Priority: 1” >> ${EMAILMESSAGE}
echo “`tail -n 50 ${LOG}`” >> ${EMAILMESSAGE}
sendmail -t < ${EMAILMESSAGE} fi } clamscan -r / --exclude-dir=/sys/ --quiet --infected --log=${LOG} check_scan [/sourcecode] [sourcecode language="powershell"] chmod +x /etc/cron.daily/clamscan_daily [/sourcecode]

Saatlik tarama

[sourcecode language=”powershell”]
emacs /etc/cron.hourly/clamscan_hourly
[/sourcecode]

[sourcecode language=”powershell”]
#!/bin/bash

# email subject
SUBJECT=”VIRUS DETECTED ON `hostname`!!!”
# Email To ?
EMAIL=”me@domain.com”
# Log location
LOG=/var/log/clamav/scan.log

check_scan () {

# Check the last set of results. If there are any “Infected” counts that aren’t zero, we have a problem.
if [ `tail -n 12 ${LOG} | grep Infected | grep -v 0 | wc -l` != 0 ]
then
EMAILMESSAGE=`mktemp /tmp/virus-alert.XXXXX`
echo “To: ${EMAIL}” >> ${EMAILMESSAGE}
echo “From: alert@domain.com” >> ${EMAILMESSAGE}
echo “Subject: ${SUBJECT}” >> ${EMAILMESSAGE}
echo “Importance: High” >> ${EMAILMESSAGE}
echo “X-Priority: 1” >> ${EMAILMESSAGE}
echo “`tail -n 50 ${LOG}`” >> ${EMAILMESSAGE}
sendmail -t < ${EMAILMESSAGE} fi } find / -not -wholename '/sys/*' -and -not -wholename '/proc/*' -mmin -61 -type f -print0 | xargs -0 -r clamscan --exclude-dir=/proc/ --exclude-dir=/sys/ --quiet --infected --log=${LOG} check_scan find / -not -wholename '/sys/*' -and -not -wholename '/proc/*' -cmin -61 -type f -print0 | xargs -0 -r clamscan --exclude-dir=/proc/ --exclude-dir=/sys/ --quiet --infected --log=${LOG} check_scan [/sourcecode] [sourcecode language="powershell"] chmod +x /etc/cron.hourly/clamscan_hourly [/sourcecode]

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir