Installing McAfee VirusScan on Linux. The package currently offered on the official website is vlp4510e.tar.Z; after downloading it, start the installation:
# mkdir /tmp/uvscan
# tar -zxvf vlp4510e.tar.Z -C /tmp/uvscan
# cd /tmp/uvscan
# ./install-uvscan
(Note: by default, uvscan is installed in /usr/local/uvscan.)
Which directory do you want to install into? [/usr/local/uvscan]
/usr/local/uvscan doesn't exist. Create it? [y]/n
Do you want to create the link(s) to uvscan in /usr/local/bin [y]/n
Do you want to create the link(s) to uvscan_secure in /usr/local/bin [y]/n
Do you want to create the link(s) to liblnxfv.so.4 in /usr/local/lib [y]/n
Do you want to create the link(s) to uvscan.1 in /usr/local/man/man1 [y]/n
/usr/local/man/man1 doesn't exist. Create it? [y]/n
Installation complete.
Do you want to perform a scan of all filesystems y/[n]
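Answer the prompts above according to your own setup.
Once the installation is complete, test whether uvscan was installed successfully.
Create a file named test.com on the system with the following content: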
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Then run the following command:
/usr/local/uvscan/uvscan /tmp/test.com
If output similar to the following appears, uvscan has been installed successfully.
Found: EICAR test file NOT a virus.
Thank you for choosing to evaluate VirusScan from McAfee.
This version of the software is for Evaluation Purposes Only and may be
used for up to 30 days to determine if it meets your requirements. To
license the software, or to obtain assistance during the evaluation
process, please call (408) 988-3832. If you choose not to license the
software, you need to remove it from your system. All use of this
software is conditioned upon compliance with the license terms set forth
in the README.TXT file.
The output also contains the following:
This program is more than 3 months old. New viruses come out all the
time - we would suggest that you upgrade your copy.
/tmp/test.com
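There is no need to worry about this; uvscan is only warning that its virus definitions are old. Next, write a virus definition update script, uvscan-update.sh, with the following content: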
#!/bin/bash
FileSource='ftp://ftp.nai.com/pub/antivirus/datfiles/4.x'
WorkDir='/usr/local/uvscan'
RemoveOldData='yes'
# Check whether the wget download tool is installed
if [ ! -f '/usr/bin/wget' ]; then
    echo "** Sorry, this script should run with [ wget ] package installed !!!"
    echo "** now, exiting..."
    echo ""
    exit 1
fi
echo ""
echo "# -----------------------------------------------------------------------------"
echo ""
echo "Updating the McAfee's virus data @ `date` by $USER..."
echo ""
# Stop if the working directory is missing, so nothing is removed or extracted elsewhere
cd "$WorkDir" || exit 1
# Remove the old ini file
if [ -f update.ini ]; then
    echo " Removing the old update.ini..."
    rm -rf update.ini
fi
# Determine the version of the virus data currently in use
if [ -f update.ini.old ]; then
    OldDatVer=$(grep "DATVersion" update.ini.old | sed -n 1p | cut -d "=" -f 2 | tr -d '\r')
    echo " The working version of McAfee's virus data is $OldDatVer."
else
    OldDatVer='0000'
fi
# Determine the version of the latest virus data
echo " Downloading $FileSource/update.ini..."
echo ""
wget "$FileSource/update.ini"
if [ $? -gt 0 ]; then
    echo ""
    echo "** Sorry, the download of $FileSource/update.ini was failed. exiting..."
    echo ""
    exit 1
fi
NewDatVer=$(grep "DATVersion" update.ini | sed -n 1p | cut -d "=" -f 2 | tr -d '\r')
echo " The last version of McAfee's virus data is $NewDatVer."
# If the two versions differ, download the new virus data
if [ "$OldDatVer" = "$NewDatVer" ]; then
    echo " The McAfee's virus data is up to date. It's no need to update."
else
    if [ -f "dat-$NewDatVer.tar" ]; then
        # If this virus data file already exists, do not download it again
        echo "** The McAfee's virus data (dat-$NewDatVer.tar) is exist, (Strange!!)."
        echo "** The download is canceled."
    else
        echo " Downloading $FileSource/dat-$NewDatVer.tar..."
        echo ""
        # Start downloading the new virus data
        wget "$FileSource/dat-$NewDatVer.tar"
        if [ $? -gt 0 ]; then
            echo "** Sorry, the download of $FileSource/dat-$NewDatVer.tar was failed. exiting..."
            echo ""
            exit 1
        fi
    fi
    # Confirm that the new virus data was downloaded correctly
    # Unfortunately there is no md5 checksum to check against...
    if [ -f "dat-$NewDatVer.tar" ]; then
        echo " Extracting dat-$NewDatVer.tar..."
        echo ""
        tar xvf "dat-$NewDatVer.tar"
        # Check whether the extraction succeeded
        if [ $? -gt 0 ]; then
            # On failure, delete the newly downloaded virus data
            echo ""
            echo "** Sorry, the downloaded file, dat-$NewDatVer.tar, is broken. restoring..."
            echo "** Removing dat-$NewDatVer.tar..."
            rm "dat-$NewDatVer.tar"
            echo "** Restoring old dat-$OldDatVer.tar..."
            echo ""
            # Restore the old virus data
            tar xvf "dat-$OldDatVer.tar"
            if [ $? -gt 0 ]; then
                # The old virus data could not be restored...
                echo "** Sorry, an error occured when restoring old dat-$OldDatVer.tar."
                echo "**"
                echo "** YOU SHOULD FIX IT MANUALLY!!!"
            fi
        else
            # Success: keep a backup copy of update.ini
            echo ""
            echo " Rename update.ini to update.ini.old..."
            mv update.ini update.ini.old
            # Optionally delete the old virus data, depending on your preference
            if [ -f "dat-$OldDatVer.tar" -a "$RemoveOldData" = 'yes' ]; then
                echo " Removing dat-$OldDatVer.tar..."
                rm "dat-$OldDatVer.tar"
            fi
        fi
        # Show information about uvscan and its virus data
        echo ""
        uvscan --version
        echo ""
    fi
fi
echo ""
echo "The update is finished."
echo ""
==================================
Make uvscan-update.sh executable:
# chmod 755 uvscan-update.sh
After that, you can run the virus definition update script.
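The script above downloads update.ini and the DAT archive over plain FTP and, as its own comment notes, has no checksum to verify them, so both files are untrusted input to a script that typically runs as root. As an added example (not part of the original script or of McAfee's tooling), the helper functions below validate the parsed DATVersion and the archive's member names before anything is extracted; the function names and the constructed sample files in demo() are assumptions made for illustration.

```shell
# Added example, not part of the original script. Runs under bash or POSIX sh.

# Print DATVersion from an update.ini only if it is purely numeric, so a
# tampered file cannot put "/" or ".." into dat-$NewDatVer.tar or the URL.
# Assumes the "DATVersion=NNNN" line format that the script's cut relies on.
parse_dat_version() {
    ver=$(grep '^DATVersion=' "$1" 2>/dev/null | sed -n 1p | cut -d '=' -f 2 | tr -d '\r')
    case "$ver" in
        ''|*[!0-9]*) return 1 ;;
    esac
    printf '%s\n' "$ver"
}

# Read archive member names on stdin; fail on any absolute or ".." path.
names_are_safe() {
    while IFS= read -r member; do
        case "$member" in
            /*|..|../*|*/..|*/../*) return 1 ;;
        esac
    done
    return 0
}

# List the archive without extracting it; a listing error, an empty archive
# or an unsafe member name all mean "do not extract".
tar_is_safe() {
    listing=$(tar tf "$1" 2>/dev/null) || return 1
    [ -n "$listing" ] || return 1
    printf '%s\n' "$listing" | names_are_safe
}

# Demo on constructed input: a CRLF update.ini and a one-file archive.
# Prints the accepted version and returns 0 only if both checks pass.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '[Update]\r\nDATVersion=4321\r\n' > "$tmp/update.ini"
    echo 'constructed sample' > "$tmp/sample.dat"
    ( cd "$tmp" && tar cf dat-4321.tar sample.dat ) || return 1
    parse_dat_version "$tmp/update.ini" && tar_is_safe "$tmp/dat-4321.tar"
    rc=$?
    rm -rf "$tmp"
    return $rc
}
```

In the update script these would be used as NewDatVer=$(parse_dat_version update.ini) || exit 1 and tar_is_safe "dat-$NewDatVer.tar" || exit 1 ahead of the tar xvf step.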