二、防病毒系统
1、安装McAfee uvscan for linux
McAfee uvscan for linux虽然是试用,但是没有什么限制,可以升级,也没有过期。
# wget http://www.XXXX.com/products/evaluation/virusscan/english/
cmdline/linux/version_4.24/intel/vlnx424e.tar.Z
# tar xzf vlnx424e.tar.Z
# ./install-uvscan
默认会装到/usr/local/uvscan目录下,不过uvscan需要libstdc++.so.2.8,直接运行出现如下错误:
# uvscan
uvscan: error while loading shared libraries: libstdc++.so.2.8:
cannot open shared objectfile: No such file or directory
可以从如下地址获得libstdc++.so.2.8的安装包:
# wget http://debian.marlow.dk/dists/woody/virus/pool/
lib/libstdc++2.8_2.90.29-2.deb
# dpkg -i libstdc++2.8_2.90.29-2.deb
这样uvscan就可以正常运行了,不过会提示病毒库比较老了云云。写个病毒库更新脚本扔到crontab跑去吧:
#!/bin/sh
#
# update-dat.sh
#
cd /usr/local/uvscan/
wget -q -O readme.txt http://http://www.XXXX.com/products/datfiles/
4.x/nai/readme.txt >/dev/null
AVVER=`head -5 readme.txt | grep ’ 4[0-9][0-9][0-9] ’ | head -1 |
sed -e ’s/^.* \(4[0-9]*\) .*$/\1/’`
if [ ! -f dat-$AVVER.tar ]; then
for i in *.tar ; do
mv $i $i.old
done
if wget http://http://www.XXXX.com/products/datfiles/4.x/nai/
dat-$AVVER.tar >/dev/null ; then
for i in *.dat ; do
cp -p $i $i.bak
done
if tar xf dat-$AVVER.tar ; then
rm -f *.old
echo `date` Successfully updated AntiVirus DAT files to $AVVER
fi
fi
fi
2、AMaViS的安装
AMaViS是uvscan和postfix之间的一个桥梁,完成邮件解码,交给uvscan查毒,然后再处理,转发操作。
安装amavisd前先确定以下软件已经安装,lha、unarj等使用的no-free的分支版本:
# apt-get install libio-stringy-perl mailtools libmime-perl libmailtools-perl libmime-base64-perl \
libcompress-zlib-perl libconvert-uulib-perl libconvert-tnef-perl tnef libarchive-tar-perl \
libarchive-zip-perl libtime-hires-perl libunix-syslog-perl libdigest-md5-perl lha unarj unzip \
gzip unrar zoo
stable版本的amavisd比较老,使用如下链接:
# wget http://www.XXXX..dk/dists/woody/custom/pool/compress/arc_5.21e-5_i386.deb
# wget http://www.XXXX..dk/dists/woody/virus/pool/wrapper/amavisd-new_20030314p1-2_all.deb
# wget http://www.XXXX..dk/dists/woody/virus/pool/lib/libnet-perl_1.12-1_all.deb
# wget http://www.XXXX..dk/dists/woody/virus/pool/lib/libnet-server-perl_0.84-3_all.deb
先安装CPAN:
# perl -MCPAN -e shell
cpan> install CPAN
cpan> install LWP
cpan> install Archive::Tar
cpan> install Archive::Zip
cpan> install Compress::Zlib
cpan> install Convert::TNEF
cpan> install Convert::UUlib
cpan> install MIME::Base64
cpan> install MIME::Parser
cpan> install Mail::Internet
cpan> install Net::Server
cpan> install Net::SMTP
cpan> install Digest::MD5
cpan> install IO::Stringy
cpan> install Time::HiRes
cpan> install Unix::Syslog
