Following my old habits from Windows, I figured I would feel safer with antivirus software installed on my Kali Linux, so I chose ClamAV.

Installation is simple:

    apt-cache search clamav
    apt-get install clamav clamtk clamav-daemon

Once installation finishes, first run man on the command-line scanner. You can also open clamtk to look at the GUI.

    man clamscan

The first error I ran into was:

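    clamscan -v *
    LibClamAV Error: cli_loaddbdir(): No supported database files found in /var/lib/clamav
    ERROR: Can't open file or directory

I searched on Bing, which said the virus database (the signatures) needs to be updated. I found that a background process was already updating the virus database, and that it was running as the user clamav. It looks like the antivirus software creates its own account and does its work under that account.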

    root@kali:# freshclam
    ERROR: /var/log/clamav/freshclam.log is locked by another process
    ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
    root@kali:# ps -ef|grep freshclam
    clamav 22688 1 0 21:18 ? 00:00:00 /usr/bin/freshclam -d --foreground=true
    root 25334 6396 0 21:23 pts/1 00:00:00 grep freshclam

Strangely, the update ran for a long time with no response, so I looked at the official site:
http://www.clamav.net/documents/mirrors
I added a line to /etc/clamav/freshclam.conf:

    # Check for new database 24 times a day
    Checks 24
    DatabaseMirror db.cn.clamav.net

Then I ran freshclam again as root.

    root@kali:~# freshclam
    ClamAV update process started at Wed May 31 11:01:54 2017
    Downloading main.cvd [ 11%]

Interestingly, I found that although I ran it as root, it still su'd to the clamav account.

    root@kali:~# ps -ef|grep freshclam
    clamav 5530 5182 0 11:01 pts/0 00:00:00 freshclam
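A preflight check for the two errors above (no database in /var/lib/clamav, and freshclam.log locked by the running daemon), written as an added example that is not part of the original post. The function names are hypothetical, the paths are the ones shown in this post, and only the official .cvd/.cld databases are checked.

```shell
#!/bin/sh
# Added example: decide what to do before running clamscan.
# Assumed defaults are the paths that appear in the post.
DB_DIR_DEFAULT=/var/lib/clamav
CONF_DEFAULT=/etc/clamav/freshclam.conf

# Return 0 if the directory holds at least one non-empty official database
# (.cvd = signed download, .cld = locally updated copy).
# Custom signature formats are not checked here.
has_signature_db() {
    dir=${1:-$DB_DIR_DEFAULT}
    for f in "$dir"/*.cvd "$dir"/*.cld; do
        if [ -s "$f" ]; then
            return 0
        fi
    done
    return 1
}

# Return 0 if a freshclam process exists (for example the daemon started
# with -d, which holds the lock on freshclam.log).
freshclam_running() {
    pgrep -x freshclam >/dev/null 2>&1
}

# Print the DatabaseMirror values from freshclam.conf, skipping comments.
configured_mirrors() {
    awk '$1 == "DatabaseMirror" { print $2 }' "${1:-$CONF_DEFAULT}"
}

# Print one of: ready | wait-for-daemon | run-freshclam
clamav_db_status() {
    dir=${1:-$DB_DIR_DEFAULT}
    if has_signature_db "$dir"; then
        echo ready              # clamscan can load signatures
    elif freshclam_running; then
        echo wait-for-daemon    # a second freshclam would hit the log lock
    else
        echo run-freshclam      # nothing is updating; start it manually
    fi
}

clamav_db_status
```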

References:
https://wiki.archlinux.org/index.php/ClamAV
https://wiki.debian.org/ClamAV


10-12 11:42