ClamAV

2008年12月25日 (四) 03:35的版本

ClamAV - Clam AntiVirus

ClamWin Free Antivirus is based on ClamAV engine

About

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library.

Clam Antivirus是一个UNIX下开源（GPL）杀毒软件包，这个软件最主要目的是集成在邮件服务器里，查杀邮件附件中的病毒。软件中包含主要一个灵活可升级的多线程后台程序，一个命令行扫描程序，一个自动升级程序，软件运行基于随Clam Antivirus软件包同时发布的共享库文件。你也可以在你的软件中使用这些共享库文件，最重要的是，病毒库升级的很快很及时。

Functions

• command-line scanner
• fast, multi-threaded daemon with support for on-access scanning
• milter interface for sendmail
• advanced database updater with support for scripted updates and digital signatures
• virus scanner C library
• on-access scanning (Linux® and FreeBSD®)
• virus database updated multiple times per day (see home page for total number of signatures)
• built-in support for various archive formats, including Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others
• built-in support for almost all mail file formats
• built-in support for ELF executables and Portable Executable files compressed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others
• built-in support for popular document formats including MS Office and MacOffice files, HTML, RTF and PDF

主要特征：

• 命令行扫描程序
• 高效，多线程后台程序
• 支持sendmail的milter接口
• 支持数字签名的病毒库升级程序
• 支持病毒扫描C语言库
• 支持按访问扫描（Linux® and FreeBSD®）
• 病毒库每天多次升级（可以查杀的总病毒数量见主页）
• 内置支持RAR（2.0），Zip，Gzip，Bzip2，Tar，MS OLE2，MS Cabinet files，MS CHM（压缩的HTML），MS SZDD压缩格式
• 内置支持mbox，Maildir和原始邮件文件格式
• 内置支持UPX，FSG，和Petite压缩的PE可执行文件

Install

wget  http://download.huihoo.com/clamav/clamav-0.94.tar.gz
tar zxvf clamav-0.94.tar.gz
$./configure --prefix=/home/allen/clamav --disable-clamav
$make; make install

To test your installation execute:

$ ~/clamav/bin/freshclam
$ ~/clamav/bin/clamscan ~
----------- SCAN SUMMARY -----------
Known viruses: 407205
Engine version: 0.94
Scanned directories: 1
Scanned files: 33
Infected files: 0
Data scanned: 2.73 MB
Time: 5.628 sec (0 m 5 s)

Adding new system user and group

# groupadd clamav
# useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
$ ./configure --sysconfdir=/etc
$ make
$ su -c "make install"

unit tests

$ ./configure --enable-check
$ make
$ make check  // need http://check.sourceforge.net/ package
100%: Checks: 205, Failures: 0, Errors: 0
PASS: check_clamav
PASS: check_clamd.sh
PASS: check_freshclam.sh
PASS: check_sigtool.sh
PASS: check_clamscan.sh
======================
All 5 tests passed
(1 tests were not run)
======================

The following files from the unit_tests/ directory:

• test.log
• clamscan.log
• clamdscan.log

Use

Links

• http://www.clamav.net
• ClamAV Database Mirrors
• http://docs.huihoo.com/clamav/
• http://download.huihoo.com/clamav/