Cara Install Clam AntiVirus untuk protect servers dari serangan virus.

Posted on by dwinar

Untuk install Install clamav di CentOS 7, harus menggunakan repo epel terlebih dahulu. Jika belum mengaktifkan repo epel, bisa mengikuti tutorial saya yang ini. Setelah itu install clamav dengan perintah sebagai berikut.

yum install clamav clamav-update -y

Update clamav

[root@server ~]# freshclam
ClamAV update process started at Fri Feb  1 02:15:37 2019
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
WARNING: getfile: Unknown response from database.clamav.net (IP: 104.16.188.138)                                                                                                             : HTTP/1.0 502
WARNING: Can't download main.cvd from database.clamav.net
Trying again in 5 secs...
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Downloading main.cvd [100%]
main.cvd updated (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Downloading daily.cvd [100%]
daily.cvd updated (version: 25345, sigs: 2229880, f-level: 63, builder: raynman)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 328, sigs: 94, f-level: 63, builder: neo)
Database updated (6796223 signatures) from database.clamav.net (IP: 104.16.185.1                                                                                                             38)
[root@server ~]#

Untuk perintah scan anti virus clamav adalah dengan perintah berikut.

[root@server ~]# clamscan --infected --remove --recursive /home

----------- SCAN SUMMARY -----------
Known viruses: 6788923
Engine version: 0.101.1
Scanned directories: 2
Scanned files: 3
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 23.140 sec (0 m 23 s)
[root@server ~]#

Untuk uji coba download virus.

[root@server ~]# curl -O http://www.eicar.org/download/eicar.com

Sekarang coba scan kembali.

[root@server ~]# clamscan --infected --remove --recursive .
./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed.

----------- SCAN SUMMARY -----------
Known viruses: 6788923
Engine version: 0.101.1
Scanned directories: 10
Scanned files: 11
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 20.088 sec (0 m 20 s)
[root@server ~]#

Terlihat virus tesebut telah dihapus oleh clamav.  Demikian tuturial saya kali ini terimakasih telah membaca.

Leave a Reply

Your email address will not be published. Required fields are marked *