保證Linux文件服務(wù)器不受病毒感染的大招
原創(chuàng)【51CTO.com 獨(dú)家翻譯】PureFTPd是Linux下一款非常好用的的FTP服務(wù)器端軟件,但隨著Linux的普及,病毒也開始瞄向Linux,以前我們在Linux下經(jīng)常裸奔,現(xiàn)在我們應(yīng)當(dāng)重視Linux服務(wù)器的安全,本文就簡單介紹一下如何將Linux下大名鼎鼎的反病毒軟件ClamAV與PureFTPd結(jié)合,當(dāng)有人通過PureFTPd上傳文件時,ClamAV就會自動進(jìn)行掃描,如果發(fā)現(xiàn)上傳的文件包含病毒就自動刪除。
1、說明
首先我不能保證你按照我介紹的步驟操作,能讓ClamAV和PureFTPd聯(lián)合運(yùn)行,因?yàn)槟阄业沫h(huán)境可能不一樣,我是在OpenSUSE 11.2下做的實(shí)驗(yàn)。
2、安裝ClamAV
安裝ClamAV的命令如下,非常簡單:
yast2 -i clamav clamav-db |
接下來是為ClamAV創(chuàng)建系統(tǒng)啟動項(xiàng):
chkconfig --add clamd |
然后啟動它:
/etc/init.d/clamd start |
3、配置PureFTPd
首先用文本編輯器打開PureFTPd的配置文件/etc/pure-ftpd/pure-ftpd.conf:
vi /etc/pure-ftpd/pure-ftpd.conf |
將Umask設(shè)置項(xiàng)的值設(shè)為133:022,這樣clamdscan才有權(quán)掃描上傳的文件,同時將CallUploadScript設(shè)為yes:
[...] # File creation mask. # 177:077 if you feel paranoid. Umask 133:022 [...] # If your pure-ftpd has been compiled with pure-uploadscript support, # this will make pure-ftpd write info about new uploads to # /var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and # spawn a script to handle the upload. CallUploadScript yes [...] |
接下來創(chuàng)建一個/etc/pure-ftpd/clamav_check.sh文件,無論何時通過PureFTPd上傳文件時,都會觸發(fā)它調(diào)用ClamAV主程序/usr/bin/clamdscan掃描上傳的文件:
vi /etc/pure-ftpd/clamav_check.sh |
clamav_check.sh腳本的內(nèi)容如下:
#!/bin/sh /usr/bin/clamdscan --remove --quiet --no-summary "$1" |
將這個腳本文件設(shè)為可執(zhí)行:
chmod 755 /etc/pure-ftpd/clamav_check.sh |
現(xiàn)在我們將pure-uploadscript作為一個后臺程序啟動,當(dāng)有文件通過PureFTPd上傳時,它就會調(diào)用我們編寫的/etc/pure-ftpd/clamav_check.sh基本。
pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh |
如果你不想每次重啟系統(tǒng)后都要手工啟動pure-uploadscript進(jìn)程,那打開/etc/init.d/boot.local:
vi /etc/init.d/boot.local |
向文件中添加一行/usr/sbin/pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh,如:
#! /bin/sh # # Copyright (c) 2002 SuSE Linux AG Nuernberg, Germany. All rights reserved. # # Author: Werner Fink <werner@suse.de>, 1996 # Burchard Steinbild, 1996 # # /etc/init.d/boot.local # # script with local commands to be executed from init on system startup # # Here you should add things, that should happen directly after booting # before we're going to the first run level. # /usr/sbin/pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh |
最后我們重啟PureFTPd:
/etc/init.d/pure-ftpd restart |
OK!從現(xiàn)在開始,如果有人上傳帶有惡意軟件的文件,ClamAV會為你自動清理。
【編輯推薦】
