Like it or not, viruses are a real part of running a server, even a CentOS 7 server. Linux has a great option for a virus scanner called ClamAV. It is available for many versions of Linux, but the default configuration files are poorly written and do not work in their default settings. You must create your own /etc/nf and /etc/nf files in order for it to run properly. You may also need to create a couple of users (one for scanning and one for updating; it's best to use two separate users). You also have to change the permissions on the log files to allow these two users to write to them. It is not particularly difficult, but I did not find any good documentation for CentOS 7 or RedHat 7.

Unfortunately, netcat (or simply nc) is required to install ClamAV. I hope they remove that requirement at some point in the future, as having netcat on a system just adds another vector of attack. But netcat is easily found and installed from the CentOS/RedHat install media or the default repos.

Next, use the EPEL repo to install the ClamAV program. See my blog on installing EPEL if you need assistance.

```
yum --disablerepo=* --enablerepo=epel install clamav clamav-scanner clamav-scanner-systemd clamav-server clamav-server-systemd clamav-update
```

Then, if the install did not already create them, create a couple of new users, clamscan and clamupdate:

We need to create the configuration files now. You can use my config files and just change the settings you need to change. Use man nf for help understanding the different options.

```
# /etc/nf file created by Justin Roysdon Yum Technology
```

Next is the config file for nf, which has the configurations for freshclam, which updates the virus definition files. My conf file does not deviate from the default by much, but here it is in case you want to use it.

```
# Please read the nf(5) manual before editing this file.
# Default: hardcoded (depends on installation options)
# Path to the log file (make sure it has proper permissions)
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
# log rotation (the LogRotate option) will always be enabled.
# Use system logger (can work together with UpdateLogFile).
# Specify the type of syslog messages - please refer to 'man syslog'
# Always enabled when LogFileMaxSize is enabled.
# This option allows you to save the process identifier of the daemon
# By default when started freshclam drops privileges and switches to the
# This directive allows you to change the database owner.
# Default: clamav (may depend on installation options)
# Initialize supplementary group access (freshclam must be started by root).
# Use DNS to verify virus database version.
# to verify database and software versions.
# WARNING: Do not touch it unless you're configuring freshclam to use your
# Uncomment the following line and replace XY with your country
# You can use db.XY. for IPv6 connections.
# is a round-robin record which points to our most
# It's used as a fall back in case db.XY. is
# DO NOT TOUCH the following line unless you know what you
# How many attempts to make before giving up.
# With this option you can control scripted updates.
# By default freshclam will keep the local databases (.cld) uncompressed to
# With this option you can enable the compression
# the change will take effect with the next database update.
# With this option you can provide custom sources ( or file://) for
#DatabaseCustomURL file:///mnt/nfs/local.hdb
# This option allows you to easily point freshclam to private mirrors.
# If PrivateMirror is set, freshclam does not attempt to use DNS
# to determine whether its databases are out-of-date, instead it will
# use the If-Modified-Since request or directly check the headers of the
# For each database, freshclam first attempts
# This option overrides DatabaseMirror, DNSDatabaseInfo
# If your servers are behind a firewall/proxy which applies User-Agent
# filtering you can use this option to force the use of a different
# Use as client address for downloading databases.
# Default: Use OS'es default outgoing IP address.
# Run command after successful database update.
# Run command when database update process fails.
# Run command when freshclam reports outdated version.
# In the command string %v will be replaced by the new version number.
# Timeout in seconds when connecting to database server.
# Timeout in seconds when reading from database server.
# With this option enabled, freshclam will attempt to load new
# databases into memory to make sure they are properly handled
# by libclamav before replacing the old ones.
# When enabled freshclam will submit statistics to the ClamAV Project about
# the latest virus detections in your environment.
```
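
The post's two setup requirements, a dedicated update user and a log file that user can write, can be verified after the fact with a short audit script. This is an added example, not the author's code: `DatabaseOwner` and `UpdateLogFile` are real freshclam.conf directives, while the function names `conf_value` and `audit_freshclam` and the path you pass in are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): audit a freshclam config for a
# non-root DatabaseOwner and an UpdateLogFile owned by that user and not
# world-writable. Function names are hypothetical.

# conf_value FILE KEY: print the last active (uncommented) value of KEY.
conf_value() {
    awk -v key="$2" '$1 == key { val = $2 } END { if (val != "") print val }' "$1"
}

# audit_freshclam FILE: print NOTE/FAIL lines; return 1 if any FAIL was found.
audit_freshclam() {
    conf=$1
    rc=0
    owner=$(conf_value "$conf" DatabaseOwner)
    log=$(conf_value "$conf" UpdateLogFile)

    if [ -z "$owner" ]; then
        echo "NOTE: DatabaseOwner not set, the packaged default user applies"
    elif [ "$owner" = "root" ]; then
        echo "FAIL: DatabaseOwner is root, so freshclam does not drop privileges"
        rc=1
    fi

    if [ -z "$log" ]; then
        echo "NOTE: UpdateLogFile not set, no log file to check"
    elif [ ! -f "$log" ]; then
        echo "NOTE: $log does not exist yet"
    else
        # ls -ld fields: 1 = mode string, 3 = owning user
        set -- $(ls -ld "$log")
        mode=$1
        log_owner=$3
        if [ -n "$owner" ] && [ "$log_owner" != "$owner" ]; then
            echo "FAIL: $log is owned by $log_owner, not $owner"
            rc=1
        fi
        # Ninth character of the mode string is the write bit for "other".
        case $mode in
            ????????w*) echo "FAIL: $log is world-writable ($mode)"; rc=1 ;;
        esac
    fi
    return $rc
}
```

Call `audit_freshclam` with the path of your freshclam configuration file; a world-writable log is flagged because loosening the mode for everyone is the usual shortcut taken instead of fixing ownership.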