```
$ sudo apt-get install clamav clamscan clamav-daemon
```

On-Access Scanning

ClamAV comes with on-access scanning. I attempted to configure the ClamAV daemon to scan accessed files. My goal was to log and notify potential vulnerabilities. Additionally, ClamAV can be configured to interact with potential vulnerabilities directly - however I would not personally be comfortable with such an implementation on my systems, and have opted to skip this.

The ClamAV daemon does not start on-access scanning automatically. In order to facilitate this, I decided to create a system daemon to run the clamonacc script automatically.

I identified two large issues with on-access scanning:

- Very verbose logging of access errors (tens of thousands of lines per hour).

This is located in /etc/clamav/nf

```
ExtendedDetectionInfo yes
```

Add a notification script to /etc/clamav/detected.sh and make sure it's executable with a chmod +x

```bash
#!/bin/bash
export LOG="/var/log/clamav/scan.log"
export TARGET="/"
export SUMMARY_FILE=`mktemp`
export SCAN_STATUS

echo "- SCAN START -" > "$LOG"
# Append here so the start marker written above is not overwritten
echo "Running scan on `date`" >> "$LOG"

# Scan the target through clamd; only infected files are reported in the summary
sudo clamdscan --log="$LOG" --infected --multiscan --fdpass "$TARGET" > "$SUMMARY_FILE"

# Pull the "Infected files" line out of the scan summary
INFECTED_SUMMARY=`cat "$SUMMARY_FILE" | grep Infected`
```