| ... |
... |
@@ -80,7 +80,6 @@ |
| 80 |
80 |
For this purpose, the configuration file under: // /etc/clamav/clamd.conf // should be adapted. |
| 81 |
81 |
|
| 82 |
82 |
Open the configuration file: |
| 83 |
|
- |
| 84 |
84 |
; {{code language="shell"}} sudo nano /etc/clamav/clamd.conf {{/code}} |
| 85 |
85 |
|
| 86 |
86 |
Use the arrow keys to navigate to the end of the file. |
| ... |
... |
@@ -107,7 +107,6 @@ |
| 107 |
107 |
In order for this plugin to be able to address the //ClamAV//-daemon service, the service must be listening in the right place - in this case at //127.0.0.1:3310//. This can be checked in the server's terminal. |
| 108 |
108 |
|
| 109 |
109 |
Using //netstat// the TCP socket of the //ClamAV//-daemon service can be examined. |
| 110 |
|
- |
| 111 |
111 |
; {{code language="shell"}} sudo netstat -anp | grep -E "(clam)" {{/code}} |
| 112 |
112 |
|
| 113 |
113 |
{{lightbox image="en_tcp_test.png"/}} |
| ... |
... |
@@ -129,7 +129,7 @@ |
| 129 |
129 |
=== Test file === |
| 130 |
130 |
|
| 131 |
131 |
A common method for checking virus scanners is the //eicar.com// file. |
| 132 |
|
-At any point this test file can be uploaded and after successful configuration the message shown above should be seen. |
|
130 |
+At any point this test file can be uploaded and after successful configuration the message shown above can be seen. |
| 133 |
133 |
|
| 134 |
134 |
; [[**Wikipedia**>>https://de.wikipedia.org/wiki/EICAR-Testdatei]] |
| 135 |
135 |
; [[**Download**>>https://www.eicar.org/download-anti-malware-testfile/]] |
| ... |
... |
@@ -139,14 +139,12 @@ |
| 139 |
139 |
//ClamAV// creates logs which can be found under // /var/log/clamav/clamav.log //. |
| 140 |
140 |
|
| 141 |
141 |
For example, after uploading the //eicar.com// test file, the following entry can be seen in //clamav.log //: |
| 142 |
|
- |
| 143 |
143 |
; {{code language="shell"}} Wed May 25 10:10:21 2022 -> instream(127.0.0.1@32984): Win.Test.EICAR_HDB-1(44d88612fea8a8f36de82e1278abb02f:68) FOUND {{/code}} |
| 144 |
144 |
|
| 145 |
|
-{{formcycle/}} logs can be found for this at // /formcycle-data/formcycle7/logs //. |
|
142 |
+{{formcycle/}} logs can be found for this at // /formcycle-data/formcycle7/logs.// |
| 146 |
146 |
|
| 147 |
147 |
After uploading the //eicar.com// test file, for example, the following entry can be seen in //formcycle-errors-log //: |
| 148 |
|
- |
| 149 |
|
-; {{code language="shell"}} [WARN] [25-05-22 10:10:21,192] [ajp-nio-127.0.0.1-8009-exec-43] (MalwareScanner.java:211) - Scanner <fc.plugin.malware.scanner.clamAV. ClamAntiVirusFileScanner@7b2a4953> detected malware signature for file </home/fc/tomcat9/tmp/xima-temp/formcycle7/xfc-malware-scan/stream-scan12705251110052849842/data2383296604287452271>: {stream=[Win.Test.EICAR_HDB-1]} {{/code}} |
|
145 |
+; {{code language="shell"}} [WARN] [25-05-22 10:10:21,192] [ajp-nio-127.0.0.1-8009-exec-43] (MalwareScanner.java:211) - Scanner <fc.plugin.malware.scanner.clamAV. ClamAntiVirusFileScanner@7b2a4953> detected malware signature for file </home/fc/tomcat9/tmp/xima-temp/formcycle7/xfc-malware-scan/stream-scan12705251110052849842/data2383296604287452271>: {stream=[Win.Test.EICAR_HDB-1]} {{code}} |
| 150 |
150 |
; {{code language="shell"}} [ERROR] [25-05-22 10:10:21,207] [ajp-nio-127.0.0.1-8009-exec-43] (VirusScannerService.java:71) - Detected a virus {{/code}} |
| 151 |
151 |
|
| 152 |
152 |
== Version history == |
| ... |
... |
@@ -155,6 +155,8 @@ |
| 155 |
155 |
|
| 156 |
156 |
* Optimisations for installation on server clusters |
| 157 |
157 |
|
| 158 |
|
-**Version 1.0.0** |
|
154 |
+**Version 1.0.0 |
| 159 |
159 |
|
| 160 |
160 |
* Initial release |
|
157 |
+ |
|
158 |
+Translated with www.DeepL.com/Translator (free version) |
