Installing ClamAV on CentOS

ClamAV is a well-known antivirus program for Linux; full information is available at www.clamav.net

The installation steps are as follows:

1.     Download the application source from the ClamAV website. The latest stable version at the moment can be downloaded from http://sourceforge.net/projects/clamav/

# wget http://downloads.sourceforge.net/clamav/clamav-0.95.3.tar.gz
# tar -xvzf clamav-0.95.3.tar.gz

2.     First create a user to run ClamAV

# groupadd clamav
# useradd clamav -g clamav -c "Clam Antivirus" -s /nonexistent

3.     Perform the configuration

# cd clamav-0.95.3
# ./configure
# make
# make install

4.     Check the installation result
Once the installation in step 3 has finished, ClamAV can be checked as follows:

# cd ..
# clamscan -r -l scan.log clamav-0.95.3

This scans the ClamAV source folder recursively and writes the results to the file scan.log

——————————————————————————-

clamav-0.95.3/libclamav/version.h: Empty file
clamav-0.95.3/libclamav/version.h.tmp: Empty file
clamav-0.95.3/test/clam.tnef: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.exe.mbox.uu: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-v2.rar: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.exe.html: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-upack.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-fsg.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.exe.szdd: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.zip: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-wwpack.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.sis: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-upx.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-aspack.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.exe.binhex: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.exe.rtf: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.mail: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.arj: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.ea06.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-v3.rar: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-pespin.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.d64.zip: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.cab: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.ea05.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.chm: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-petite.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.exe.mbox.base64: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-nsis.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.ole.doc: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.ppt: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam-mew.exe: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.tar.gz: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.pdf: ClamAV-Test-File FOUND
clamav-0.95.3/test/clam.impl.zip: ClamAV-Test-File FOUND

----------- SCAN SUMMARY -----------
Known viruses: 572031
Engine version: 0.95.3
Scanned directories: 61
Scanned files: 1317
Infected files: 33
Data scanned: 52.38 MB
Data read: 44.60 MB (ratio 1.17:1)
Time: 12.786 sec (0 m 12 s)

The results above show that ClamAV is working properly and found the demo viruses in the test folder.

5.     Test the ClamAV daemon program

Configure the file "/usr/local/etc/clamav.conf"
# vi /usr/local/etc/clamav.conf
Remove the "Example" line from that file and run the scan command

# clamdscan -l scan.log clamav-0.95.3
The result will be the same as in step 4; only the summary differs slightly.

6.     Update the antivirus data

Create a place for the log file

# touch /var/log/clam-update.log
# chmod 600 /var/log/clam-update.log
# chown clamav /var/log/clam-update.log

Run the update command

# freshclam -d -c 6 -l /var/log/clam-update.log
This runs the antivirus database update 6 times per day.

If it is run behind a firewall:

ClamAV update process started at Wed Sep  9 21:11:45 2009
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Reading CVD header (main.cvd): WARNING: Can't get information about database.clamav.net: Temporary failure in name resolution
WARNING: Can't read main.cvd header from database.clamav.net (IP: )
Trying again in 5 secs...
ClamAV update process started at Wed Sep  9 21:11:50 2009
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Reading CVD header (main.cvd): WARNING: Can't get information about database.clamav.net: Temporary failure in name resolution
WARNING: Can't read main.cvd header from database.clamav.net (IP: )
Trying again in 5 secs...
ClamAV update process started at Wed Sep  9 21:11:55 2009
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Reading CVD header (main.cvd): ERROR: Can't get information about database.clamav.net: Temporary failure in name resolution
WARNING: Can't read main.cvd header from database.clamav.net (IP: )
Giving up on database.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in /usr/local/etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.

To make it work even behind a firewall, the HTTP proxy needs to be set in the file "/usr/local/etc/freshclam.conf"

# Proxy settings
# Default: disabled
HTTPProxyServer proxyserver
HTTPProxyPort proxyport
#HTTPProxyUsername myusername
#HTTPProxyPassword mypass

Looking at the log file "/var/log/clam-update.log", its contents can look like this:

————————————–
freshclam daemon 0.95.3 (OS: linux-gnu, ARCH: i386, CPU: i686)
ClamAV update process started at Wed Sep  9 21:17:54 2009
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Connecting via proxyserver
Reading CVD header (main.cvd): OK (IMS)
main.cvd is up to date (version: 51, sigs: 545035, f-level: 42, builder: sven)
Connecting via proxyserver
Reading CVD header (daily.cvd): OK (IMS)
daily.cvd is up to date (version: 9788, sigs: 77535, f-level: 43, builder: ccordes)
————————————–

7.     Run the antivirus data update script every time CentOS starts up

# vi /etc/rc.local

Add the following line (as in step 6)

freshclam -d -c 6 -l /var/log/clam-update.log

8.     Scan for viruses automatically every day at 6 a.m. with crontab

# vi /etc/cron.d/clamav.cron

Fill it with the following line:

0 6 * * * root /usr/local/bin/clamscan -r /home/

This means that cron runs a recursive virus scan of the /home/ folder every day at 6 a.m.
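
The cron line in step 8 discards nothing but also checks nothing: whether a scan found something is only visible in cron's mail. The following wrapper is an added example, not part of the original post; it uses clamscan's exit status (0 = no virus found, 1 = virus found, anything else = error) and cross-checks the FOUND lines in the log against the "Infected files" count of the summary shown in step 4. The function names and the log path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post; names and log path are assumptions.

# Print the path of every detection line ("<path>: <signature> FOUND").
infected_paths() {
    sed -n 's/^\(.*\): .* FOUND$/\1/p' "$1"
}

# Print N from the "Infected files: N" line of the SCAN SUMMARY block.
summary_infected() {
    sed -n 's/^Infected files: \([0-9][0-9]*\)$/\1/p' "$1" | tail -n 1
}

# clamscan exit status: 0 = no virus found, 1 = virus found, other = error.
scan_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Cross-check a log: 0 = clean, 1 = detections, 2 = FOUND lines and the
# summary disagree (truncated log, or several runs mixed in one file).
check_log() {
    found=$(infected_paths "$1" | wc -l | tr -d ' ')
    reported=$(summary_infected "$1")
    [ "$found" = "${reported:-missing}" ] || return 2
    [ "$found" -eq 0 ] || return 1
}

# Cron entry point, e.g.: scan_and_report /home/ /var/log/clamscan-home.log
scan_and_report() {
    : > "$2"    # start from an empty log so the counts cover this run only
    rc=0
    /usr/local/bin/clamscan -r -i -l "$2" "$1" >/dev/null 2>&1 || rc=$?
    echo "clamscan $1: $(scan_status "$rc")"
    if [ "$rc" -eq 1 ]; then infected_paths "$2"; fi
    return "$rc"
}

# Constructed sample in the format of the scan.log shown in step 4.
write_sample_log() {
    printf '%s\n' 'clamav-0.95.3/libclamav/version.h: Empty file' \
        'clamav-0.95.3/test/clam.exe: ClamAV-Test-File FOUND' \
        'clamav-0.95.3/test/clam.zip: ClamAV-Test-File FOUND' '' \
        '----------- SCAN SUMMARY -----------' 'Infected files: 2' > "$1"
}
```

Because cron mails whatever a job prints, the one-line status and the list of infected paths become the content of the daily report.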

Done.
