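Linux security and antivirus notes
1. Install monitoring and protection
HFish open-source honeypot framework (an excellent lure-and-capture system)
https://hfish.net/#/2-1-docker
Disable ping on Linux
net.ipv4.icmp_echo_ignore_all=1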
docker run -itd --name hfish \
-v /usr/share/hfish:/usr/share/hfish \
--network host \
--privileged=true \
threatbook/hfish-server:latest
docker run -d \
--name watchtower \
--restart unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock \
--label=com.centurylinklabs.watchtower.enable=false \
--privileged=true \
containrrr/watchtower \
--cleanup \
hfish \
--interval 3600
2. Install antivirus
1. Install the EPEL repository
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -ihv epel-release-latest-7.noarch.rpm
2. Install the antivirus software
yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
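3. Edit the configuration files
Edit /etc/freshclam.conf and /etc/clamd.d/scan.conf and comment out the "Example" line in each; it is already commented out by default.
4. Update the virus database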
freshclam
5. Scan for and remove viruses
Scan a single file: clamscan targetfile
Recursively scan the home directory and write a log
clamscan -r -i /home -l /var/log/clamscan.log
Recursively scan the home directory, delete infected files, and write a log
clamscan -r -i /home --remove -l /var/log/clamscan.log
Recommended: scan a specific directory, move infected files to a designated directory, and write a log
clamscan -r -i /home --move=/opt/infected -l /var/log/clamscan.log
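Added example (not part of the original page): a wrapper for the recommended quarantine scan above that acts on clamscan's exit status (0 no virus found, 1 virus found, 2 error) and lists the flagged files from the log. The function names, the per-run temporary log, the chmod on the quarantine directory and the sample log are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Paths mirror the commands above.
LOG=${LOG:-/var/log/clamscan.log}
QUARANTINE=${QUARANTINE:-/opt/infected}

# List files flagged in a clamscan log ("<path>: <signature> FOUND").
flagged_files() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p' "$1"
}

# Read "Infected files: N" from the last scan summary in the log.
infected_count() {
    sed -n 's/^Infected files: \([0-9][0-9]*\)$/\1/p' "$1" | tail -n 1
}

# clamscan exit status: 0 = no virus found, 1 = virus found, 2 = error.
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Quarantine scan for cron: per-run log (assumption), appended to $LOG after.
scan_and_report() {
    run_log=$(mktemp) || return 2
    rc=0
    { mkdir -p "$QUARANTINE" && chmod 700 "$QUARANTINE"; } || return 2
    clamscan -r -i "$1" --move="$QUARANTINE" -l "$run_log" || rc=$?
    cat "$run_log" >> "$LOG"
    echo "$(scan_verdict "$rc"): $(infected_count "$run_log") infected file(s)"
    flagged_files "$run_log"
    rm -f "$run_log"
    return "$rc"
}

# Constructed sample log, used to exercise the parsers without running a scan.
sample_log() {
    cat <<'EOF'
/home/alice/a: b.txt: Eicar-Signature FOUND
/home/bob/dl/setup.bin: Unix.Trojan.Example-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}
# Demo on the sample; for real use call: scan_and_report /home
demo=$(mktemp) && sample_log > "$demo" && flagged_files "$demo" && rm -f "$demo"
```

Because scan_and_report returns clamscan's own status, a cron job can alert on 1 (infected) separately from 2 (scan error), which a plain log line does not distinguish.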