clamAV
we are using :
cPanel 11.24.4-S33345
WHM 11.24.2 - X 3.9
CENTOS 4.7 i686 on standard
And there are 200 domains hosted
my questions are as below
1. we want to scan only one domain instead of all how can i via WHM & SSH
2. how to scan whole server via WHM or SSH
3. how can i find out ClamAV version via SSH or WHM
or if we are running older how could be upgrade via SSH or WHM
thanks
Nilesh
clamdscan /home/username1. we want to scan only one domain instead of all how can i via WHM & SSH
clamdscan -l virus.txt /home/username (print a pretty text file with the results)
clamdscan /home2. how to scan whole server via WHM or SSH
clamdscan -l virus.txt /home (print a pretty text file with the results)
freshclam3. how can i find out ClamAV version via SSH or WHM
wait until cpanel adds it to the version your running "upcp"or if we are running older how could be upgrade via SSH or WHM
or if you cant wait http://forums.cpanel.net/showthread....=update+clamav
Lowest Host/Empire Technology LLC
Affordable hosting solutions http://empire-hosting.net
List Your hosting site FREE in http://hostgeneration.com
Thank you so much for your reply
i need to ask you one for thing
i scanned the website & found 2 suspicious files
so my question is does clamav removing those files or we'll need to remove manually
Hello,
I didn't feel like scanning by per account logging into cPanel, so I found this command, but after running it found out that I didn't want to scan e-mail so, I went directly to the webroot folder and scanned there just find but I also wanted to scan the each account but not manually, I created a simple script that just does that; This script could may need some improvements, but works good.
for i in $(ls -l /home/ | sed -e '/root/d' | awk '{print $3}'); do clamdscan -l /scan/$i.txt /home/$i/public_html/; cat /scan/$i.txt | mail -s "Virus Scan: $i" you(at)email.com; done
If you notice, It goes into the /home directory, make sure you change the path too this.
The /scan/$i.txt is where are the log files are stored for each user of the scan.
cat /scan/$i.txt sends you and e-mail with the results.
If you have more than one drive, make sure you change it too /home, /home2 etc...
As for me, I created the script called scanhome, scanhome2 etc... in /sbin and chmodded to 755 and I can called it by using scanhome or scanhome2 etc...also I have it setup to run in crontab to run every 1st of the month.
and to answer your question;
i scanned the website & found 2 suspicious files
so my question is does clamav removing those files or we'll need to remove manually
clamdscan --help
--remove Remove infected files. Be careful!
--move=DIRECTORY Move infected files into DIRECTORY
--copy=DIRECTORY Copy infected files into DIRECTORY
I would move them, to inspect them...Main reason for this, was to look for PHP Shells and works great! Found quite a few and removed them all!
Note: Script I wrote above does not include remove, move or copy.
LinkBack URL
About LinkBacks
Reply With Quote