Changes for page ClamAV

From version 23.2
edited by fse
on 25.05.2022, 15:25
Change comment: There is no comment for this version
To version 24.1
edited by fse
on 25.05.2022, 15:56
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -36,11 +36,11 @@
36 36  The following configuration parameters exist:
37 37  
38 38  ; host (Required)
39 -Default value: //127.0.0.1//. Specifies the //IP// address of the //ClamAV// daemon service to be used. The default value is //127.0.0.1// and thus uses a local //ClamAV// daemon service.
39 +: Default value: //127.0.0.1//. Specifies the //IP// address of the //ClamAV//-daemon service to be used. The default value is //127.0.0.1// and thus uses a local //ClamAV//-daemon service.
40 40  ; port (Required)
41 -Default value: //3310//. Specifies the port of the //ClamAV// daemon service to use. The default value should only be changed if this port is not available.
41 +: Default value: //3310//. Specifies the port of the //ClamAV//-daemon service to use. The default value should only be changed if this port is not available.
42 42  ; file-source
43 -If the value //stream// is entered here (default value), the data of the file to be checked will be transferred directly to //ClamAV//. If the value //path// is entered here, work is done directly on the path - whereby the //ClamAV// daemon service must have root rights for this.
43 +: If the value //stream// is entered here (default value), the data of the file to be checked will be transferred directly to the //ClamAV//-daemon service. If the value //path// is entered here, scanning is done directly on the path - whereby the //ClamAV//-daemon service must have root rights for this.
44 44  
45 45  {{info}}
46 46  //ClamAV// is intended to run on Linux-based servers. Therefore, we cannot guarantee any other support.
... ... @@ -49,18 +49,18 @@
49 49  
50 50  == Configuration //ClamAV// ==
51 51  
52 -The following section discusses installation and configuration of //ClamAV//. Our recommended scenario is to install {{formcycle/}} and the //ClamAV// daemon service on the same server.
52 +The following section discusses installation and configuration of //ClamAV//. Our recommended scenario is to install {{formcycle/}} and the //ClamAV//-daemon service on the same server.
53 53  
54 54  === Installation ===
55 55  
56 56  To install //ClamAV// on a server, the following commands should be entered on the server.
57 57  
58 -//ClamAV// is the program that can scan files for viruses and is required to use //ClamAV//-Daemon.
58 +//ClamAV// is the program that can scan files for viruses and is required for the use of //ClamAV//-daemon.
59 59  
60 60  ; Update the package list:
61 61  ; {{code language="shell"}} sudo apt-get update {{/code}}
62 62  
63 -; Install //ClamAV// and //ClamAV// daemon:
63 +; Install //ClamAV// and //ClamAV//-daemon:
64 64  ; {{code language="shell"}} sudo apt-get install clamav clamav-daemon -y {{/code}}
65 65  
66 66  === Update the virus signature database ===
... ... @@ -70,12 +70,12 @@
70 70  ; Terminate the automatic //freshclam// process:
71 71  ; {{code language="shell"}} sudo systemctl stop clamav-freshclam {{/code}}
72 72  
73 -; Manually update virus signature databank:
73 +; Manually update virus signature database:
74 74  ; {{code language="shell"}} sudo freshclam {{/code}}
75 75  
76 -=== Configuration //ClamAV//-Daemon ===
76 +=== Configuration //ClamAV//-daemon ===
77 77  
78 -//ClamAV//-Daemon is the process running in the background on the server, which is addressed for the virus scan. This is done via TCP and must be configured accordingly.
78 +//ClamAV//-daemon is the process running in the background on the server, which is addressed for the virus scan. This is done via TCP and must be configured accordingly.
79 79  
80 80  For this purpose, the configuration file under: // /etc/clamav/clamd.conf // should be adapted.
81 81  
... ... @@ -85,32 +85,32 @@
85 85  Use the arrow keys to navigate to the end of the file.
86 86  
87 87  ; Add //TCPAddr 127.0.0.1 //
88 -; Adding //TCPSocket 3310 //
88 +; Add //TCPSocket 3310 //
89 89  
90 90  {{lightbox image="en_clamd.conf.png"/}}
91 91  
92 -; //ClamAV//-Give root rights to daemon
93 -To do this, the entry //User clamav// must be changed to //User root// in this file.
92 +; Specify root rights for //ClamAV//-daemon
93 +: To do this, the row //User clamav// has to be changed to //User root// in this file.
94 94  
95 95  Now you can save and exit with //Ctrl + X//. Confirm with //Y// and the Enter key.
96 96  
97 -=== Starting the //ClamAV//-Daemon Service ===
97 +=== Starting the //ClamAV//-daemon Service ===
98 98  
99 99  Now the service can be started.
100 100  
101 -: Start the //ClamAV//-Daemon Service:
101 +: Start the //ClamAV//-daemon Service:
102 102  ; {{code language="shell"}} sudo systemctl start clamav-daemon.service {{/code}}
103 103  
104 104  === Checking the availability of the service ===
105 105  
106 -In order for this plugin to be able to address the //ClamAV// daemon service, the service must be listening in the right place - in this case at //127.0.0.1:3310//. This can be checked in the server's terminal.
106 +In order for this plugin to be able to address the //ClamAV//-daemon service, the service must be listening in the right place - in this case at //127.0.0.1:3310//. This can be checked in the server's terminal.
107 107  
108 -Using //netstat// the TCP socket of the //ClamAV// daemon service can be examined.
108 +Using //netstat// the TCP socket of the //ClamAV//-daemon service can be examined.
109 109  ; {{code language="shell"}} sudo netstat -anp | grep -E "(clam)" {{/code}}
110 110  
111 111  {{lightbox image="en_tcp_test.png"/}}
112 112  
113 -If no line starting with //tcp// is seen or a different //host:port// combination is seen as //127.0.0.1:3310//, the configuration must be checked again.
113 +If no line starting with //tcp// is seen or a different //host:port// combination is seen as //127.0.0.1:3310//, the configuration has to be checked again.
114 114  
115 115  == Example configuration ==
116 116  
... ... @@ -127,7 +127,7 @@
127 127  === Test file ===
128 128  
129 129  A common method for checking virus scanners is the //eicar.com// file.
130 -At any point this test file can be uploaded and after successful configuration the message shown above can be seen.
130 +At any point this test file can be uploaded and after successful configuration the message shown above should be seen.
131 131  
132 132  ; [[**Wikipedia**>>https://de.wikipedia.org/wiki/EICAR-Testdatei]]
133 133  ; [[**Download**>>https://www.eicar.org/download-anti-malware-testfile/]]
... ... @@ -139,7 +139,7 @@
139 139  For example, after uploading the //eicar.com// test file, the following entry can be seen in //clamav.log //:
140 140  ; {{code language="shell"}} Wed May 25 10:10:21 2022 -> instream(127.0.0.1@32984): Win.Test.EICAR_HDB-1(44d88612fea8a8f36de82e1278abb02f:68) FOUND {{/code}}
141 141  
142 -{{formcycle/}} logs can be found for this at // /formcycle-data/formcycle7/logs.//
142 +{{formcycle/}} logs can be found for this at // /formcycle-data/formcycle7/logs //.
143 143  
144 144  After uploading the //eicar.com// test file, for example, the following entry can be seen in //formcycle-errors-log //:
145 145  ; {{code language="shell"}} [WARN] [25-05-22 10:10:21,192] [ajp-nio-127.0.0.1-8009-exec-43] (MalwareScanner.java:211) - Scanner <fc.plugin.malware.scanner.clamAV. ClamAntiVirusFileScanner@7b2a4953> detected malware signature for file </home/fc/tomcat9/tmp/xima-temp/formcycle7/xfc-malware-scan/stream-scan12705251110052849842/data2383296604287452271>: {stream=[Win.Test.EICAR_HDB-1]} {{code}}
... ... @@ -155,4 +155,3 @@
155 155  
156 156  * Initial release
157 157  
158 -Translated with www.DeepL.com/Translator (free version)