Difference between revisions of "Anti virus"
From Atomicorp Wiki
Revision as of 15:56, 19 May 2010
Description
ASL has a kernel-space anti-virus module. As of version 2.2.6 this module is not activated by default. When activated, its basic behaviour is to set the permissions of detected malware to 000 and send an alert via the logs.
Installation
Step 1) ASL kernel 2.6.29 or above is required
Step 2) Install kernel modules
yum install kmod-dazuko
Step 3) Enable the settings in /etc/asl/config
CLAMAV_ENABLED="yes"
CLAMAV_ENABLE_DAZUKO="yes"
Step 4) Set the directories to monitor in /etc/asl/dazuko-include, one entry per line. (Note: this file may not exist; this is normal.)
/path/to/directory
/path/to/directory2
Step 5) Optionally, set directories to exclude in /etc/asl/dazuko-exclude, one entry per line. (Note: this file may not exist; this is normal.)
/path/to/directory/exclude1
/path/to/directory/exclude2
Step 6) Update the security policy with:
asl -s -f
Step 7) Reboot
reboot
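
As an added example (not part of the wiki page and not Atomicorp's own tooling), the script below checks the results of Steps 1 to 5 before `asl -s -f` and the reboot, so that a mistyped setting or a path list written on a single line is caught before the module is expected to be scanning. The function names, the `--run` switch and the assumption that /etc/asl/config holds one KEY="value" setting per line are assumptions of this example.

```shell
#!/bin/sh
# Added example (not Atomicorp code): pre-flight check for Steps 1-5.

# kernel_ok VERSION: succeeds if VERSION is 2.6.29 or newer (Step 1).
kernel_ok() {
    v=${1%%-*}                          # drop the release suffix after "-"
    oldifs=$IFS; IFS=.; set -- $v; IFS=$oldifs
    maj=${1:-0}; min=${2:-0}; pat=${3:-0}
    pat=${pat%%[!0-9]*}; pat=${pat:-0}  # "29rc1" -> "29"
    [ "$maj" -gt 2 ] && return 0
    [ "$maj" -lt 2 ] && return 1
    [ "$min" -gt 6 ] && return 0
    [ "$min" -lt 6 ] && return 1
    [ "$pat" -ge 29 ]
}

# config_ok FILE: succeeds if both Step 3 settings are "yes".
# Assumption: one KEY="value" setting per line.
config_ok() {
    for key in CLAMAV_ENABLED CLAMAV_ENABLE_DAZUKO; do
        grep -Eq "^[[:space:]]*$key=\"?yes\"?([[:space:]]|\$)" "$1" || {
            echo "$1: $key is not set to yes" >&2; return 1; }
    done
}

# list_ok FILE: succeeds if every non-blank line is one absolute path
# (Steps 4 and 5). A missing file is accepted, as the page says is normal.
list_ok() {
    [ -f "$1" ] || { echo "$1: not present" >&2; return 0; }
    bad=0; n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in
            '') ;;
            *[[:space:]]/*) echo "$1:$n: more than one path" >&2; bad=1 ;;
            /*) ;;
            *)  echo "$1:$n: not an absolute path" >&2; bad=1 ;;
        esac
    done < "$1"
    [ "$bad" -eq 0 ]
}

asl_preflight() {
    kernel_ok "$(uname -r)" || { echo "kernel older than 2.6.29" >&2; return 1; }
    rpm -q kmod-dazuko >/dev/null 2>&1 || { echo "kmod-dazuko missing" >&2; return 1; }
    config_ok /etc/asl/config || return 1
    list_ok /etc/asl/dazuko-include || return 1
    list_ok /etc/asl/dazuko-exclude || return 1
    echo "ok: run 'asl -s -f', then reboot"
}
if [ "${1:-}" = "--run" ]; then asl_preflight; fi
```

Run it with `--run` as root after Step 5; any message on stderr names the file and line to fix before continuing with Step 6.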