Wednesday, September 1, 2010

Scheduled ClamAV virus scans with an emailed log on Ubuntu 10.04

Install
$ sudo apt-get install clamav



Update the virus database
$ sudo freshclam


Set up cron

$ sudo vim /usr/local/bin/virus_scan.sh


#!/bin/bash
# ----------------------------------------------------------------------
# Virus scan with ClamAV
# ----------------------------------------------------------------------

# Disabling PATH improves the security of the script
unset PATH

# Declare the variables
ECHO=/bin/echo;
DATE=/bin/date;
FRESHCLAM=/usr/bin/freshclam;
CLAMSCAN=/usr/bin/clamscan;
LOG_FILE=/home/user/clamscan.log;
SCAN_FOLDER=/;

# Start the log entry
$ECHO Complete system virus scan starting >> $LOG_FILE;
$DATE >> $LOG_FILE;
$ECHO \* >> $LOG_FILE;
# Update Virus definitions
$FRESHCLAM >> $LOG_FILE;

# Run the scan
$CLAMSCAN -ri $SCAN_FOLDER >> $LOG_FILE;

# Finish the log entry
$ECHO \* >> $LOG_FILE;
$ECHO Complete system virus scan finished >> $LOG_FILE;
$DATE >> $LOG_FILE;
$ECHO \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* >> $LOG_FILE;

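# Mail the log, then delete it.
# PATH is unset, so every command needs an absolute path
# (adjust MAIL if your mail client is installed elsewhere).
MAIL=/usr/bin/mail;
RM=/bin/rm;
$MAIL -s "ClamAV Scan" someone@server.com < $LOG_FILE;
$RM $LOG_FILE;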


Set permissions

sudo chown root /usr/local/bin/virus_scan.sh
sudo chmod u=rwx /usr/local/bin/virus_scan.sh
sudo chmod go= /usr/local/bin/virus_scan.sh


Add the script to crontab

sudo vim /etc/crontab

20 3 * * * root /usr/local/bin/virus_scan.sh



# Remember to change LOG_FILE and SCAN_FOLDER.
# To send the mail through Gmail, see "Sending mail from the command line through Gmail on Ubuntu 10.04".


Script adapted from http://ubuntuforums.org/showthread.php?t=631293
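
The script above mails every log under the same subject, so an infected run and a scan that never finished look identical in the inbox. The following added example (not part of the original post or the forum script) reads a clamscan log and derives the subject from it; the function names and the sample log are constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the original post); names and sample log are constructed.

# List the paths reported as "<path>: <signature> FOUND".
infected_paths() {
    sed -n 's/: [^ ][^ ]* FOUND$//p' "$1"
}

# Print CLEAN, "INFECTED <n>" or INCOMPLETE (no "Infected files:" summary line:
# the scan died or the log was cut short, so a lack of FOUND lines proves nothing).
scan_verdict() {
    awk '
        / FOUND$/           { hits++ }
        /^Infected files: / { summary = $3 + 0; seen = 1 }
        END {
            n = (hits > summary) ? hits : summary
            if (n > 0)      { print "INFECTED", n + 0 }
            else if (!seen) { print "INCOMPLETE" }
            else            { print "CLEAN" }
        }' "$1"
}

# Subject line for: mail -s "$(scan_subject "$LOG_FILE")" someone@server.com
scan_subject() {
    verdict=$(scan_verdict "$1") || verdict=INCOMPLETE
    case $verdict in
        INFECTED*) echo "[ALERT] ClamAV Scan: ${verdict#INFECTED } infected file(s)" ;;
        CLEAN)     echo "ClamAV Scan: clean" ;;
        *)         echo "[WARN] ClamAV Scan: no scan summary in log" ;;
    esac
}

# Constructed sample log in the layout virus_scan.sh produces (clamscan -ri).
write_sample_log() {
    cat > "$1" <<'EOF'
Complete system virus scan starting
/home/user/Downloads/eicar.com: Eicar-Test-Signature FOUND
/home/user/mail: old/eicar.zip: Eicar-Test-Signature FOUND
----------- SCAN SUMMARY -----------
Infected files: 2
Complete system virus scan finished
EOF
}

log=$(mktemp)
write_sample_log "$log"
scan_subject "$log"      # subject for the sample log
infected_paths "$log"    # the two flagged paths
rm -f "$log"
```

Inside virus_scan.sh the result would replace the fixed "ClamAV Scan" subject; because that script unsets PATH, sed and awk would have to be called by absolute path there.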

Sending mail from the command line through Gmail on Ubuntu 10.04

$ sudo apt-get install heirloom-mailx msmtp
$ vim ~/.mailrc

set from="YOURNAME@gmail.com (YOURNAME)"
set sendmail="/usr/bin/msmtp"
set message-sendmail-extra-arguments="-a gmail"

$ vim ~/.msmtprc

defaults
logfile /home/USER/msmtp.log

# gmail account
account gmail
auth on
host smtp.gmail.com
port 587
user YOURNAME@gmail.com
password YOURPASSWORD
from YOURNAME@gmail.com
tls on
tls_trust_file /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt

# set default account to use (not necessary with single account)
account default : gmail

$ chmod 600 ~/.msmtprc
$ echo "Hello, world!" | mail -s "Test from command line" -a attachment.txt somebody@somedomain.org


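ssmtp does the same job, but ssmtp stores the account name and password in plain text under /etc/, which increases the risk of the Gmail account being stolen.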


References
How To Use Gmail Account To Relay Email From a Shell Prompt
Sending mail from the command line through Gmail on Ubuntu 8.04