리눅스 백신을 물어보는 이가 있어서 설치하다가 설치기를 올려봅니다.
물론 다른 백신도 많이 있고, GUI로 되어 있지만, 이 녀석은 TUI방식이네요..
아주 오래된 녀석입니다.
v3 때도 있었던 걸로 기억나네요...
1. 프로그램을 다운로드 합니다.
[root@src]# wget http://files.f-prot.com/files/unix-trial/fp-Linux-i686-ws.tar.gz
2. 압축을 해제 합니다.
[root@src]# tar zxvf fp-Linux-i686-ws.tar.gz
3. 설치를 합니다.
[root@src]# cd f-prot/
[root@81 f-prot]# ls
antivir.def fpscan license.key README
doc fpupdate product.data
f-prot.conf.default install-f-prot.pl product.data.default
[root@81 f-prot]# ./install-f-prot.pl
(c) FRISK Software International
You are about to install F-Prot Antivirus for Linux Workstations
on a RedHat Linux 2.6.18 running on i686 into the '/usr/local/src/f-prot'
directory
Be warned that the documentation and user manuals assume that
F-Prot is installed in the default directory '/opt/f-prot'.
F-Prot will run just fine from '/usr/local/src/f-prot'
but you will of course have to adjust sample configuration and
such to match that change.
Where do you want a symbolic link to 'F-Prot Antivirus command line scanner (fpscan)' to be created?
(Just press Enter to accept the default) [/usr/local/bin]:
설치 장소를 물어봅니다. 가급적 default로 설치합니다.
Where do you want a symbolic link to 'section 8 manuals' to be created?
(Just press Enter to accept the default) [/usr/local/man/man8]:
Where do you want a symbolic link to 'section 1 manuals' to be created?
(Just press Enter to accept the default) [/usr/local/man/man1]:
Where do you want a symbolic link to 'section 5 manuals' to be created?
(Just press Enter to accept the default) [/usr/local/man/man5]:
Changing file access permissions on the installed files and directories ...ok
Checking if you have an existing license key...yes
Found an existing license key in /usr/local/src/f-prot/license.key, updating antivir.def ...
몇 가지 man page에 등록하는 것과 라이센스 키는 무료로 줍니다.
Downloading update (%100)
We've generated the following crontab entries to update the
antivir.def file via fpupdate. Updates will be run hourly at a
randomly picked minute to distribute load, and thus make your updates
faster than if they were run during obvious high load times, e.g. on
the hour.
The global crontab entry we made to add to /etc/crontab is the following:
45 * * * * root /usr/local/src/f-prot/fpupdate > /dev/null
Would you like to have this crontab appended to /etc/crontab?
(Just press Enter to accept the default) [Y/n]: n
No changes to /etc/crontab have been made but you should manually add
the crontab entry above or its equivalent somewhere so that the
antivir.def file is kept up to date.
All done!
If you reconfigured your MTA you should restart it now to activate the changes.
Have a nice day
Frisk software (www.f-prot.com)
[root@f-prot]#
설치가 완료되었습니다.
4. 차후에 수동으로 업데이트 하려면
#/usr/local/f-prot/tools/check-updates.pl
이라는 명령을 주면 된다. 자동업데이트를 하려면 크론에 이 내용을 적어주면 될 것이다.
이런 식으로 27 4,16 * * * /usr/local/f-prot/tools/check-updates.pl
5. 다음으로 실행 명령은
#/usr/local/f-prot/f-prot /(스캔할 디렉토리)
[root@f-prot]# fpscan -a
F-PROT Antivirus version 6.2.1.4252 (built: 2008-04-28T16-44-10)
FRISK Software International (C) Copyright 1989-2007
Engine version: 4.4.4.56
Virus signatures: 2009112416035f07579582d5addd53c6123e9b146d8e
(/usr/local/src/f-prot/antivir.def)
Scanning: -
6. 다음은 f-prot에 사용되는 옵션들이다. 참고하기 바란다.
| Options | Description |
| -ai | Enable neural-network virus detection. The -ai option should not be used with the -noheur option. |
| -archive=n [default is 5] | Scan inside supported archives n levels deep, the supported range is between 1 and 99, the default level is 5. Supported archives are .zip, .cab, .tar, .gz, .izh and .arj files. Currently F-Prot Antivirus does not support disinfection or removal of infected files within archives. Unix mailboxes are considered to be archives and therefore F-Prot Antivirus is not able to remove infected attachments. |
| -noarchive | Does not scan inside archives. The option -noarchive implies -noserver. |
| -server [default] | Attempts to identify infections within password protected archives. The option -server implies -archive. |
| -type | Scan files by content. By default f-prot scans all files. By using the-type option, you are instructing the scanner to limit the search to scanning by content. |
| -noverver | Does not attempt to identify infections within password protected archives. |
| -auto | Automatically remove detected viruses. As noted above, this will not work on archived files. |
| -collect | Scan a virus collection. This option is intended for advanced users. When this option is used it will, e.g. scan for bootsector viruses within files, even though the virus resides within a file instead of a bootsector. |
| -delete | Delete infected files. By default this requires user confirmation but if you include the -auto option F-Prot Antivirus will not prompt you for confirmation before deleting infected files. F-Prot Antivirus does not support removal of infected files located within archives. |
| -disinf | Disinfect whenever possible. By default this requires user confirmation but if you include the -auto option f-prot will not prompt you for confirmation before disinfecting infected files. F-Prot Antivirus does not support disinfection of infected files located within archives. |
| -dumb [default] | Scan all files, regardless of extensions or content. |
| -ext | Scan only files with default extensions. By default f-prot scans all files. By using the-ext option, you are instructing the scanner to limit the search to files with default extensions. |
| -follow | Follow symbolic links. This should be used with care, as the program does not detect "circular" directories, and may get stuck in an endless loop. |
| -noheur | Disable heuristic scanning. The -noheur option should not be used with the -ai option. |
| -nosub | Do not scan subdirectories. |
| -onlyheur | Only use heuristics, do not scan for known virus signatures. By using this option F-Prot Antivirus will only detect a fraction of infected files. |
| -packed [default] | Unpack compressed executables. There is no corresponding -nopacked option. This option is provided for legacy reasons. |
| -rename | Rename extensions of infected files to prevent them from being executed, e.g. renaming file.com to file.vom and file.exe to file.vxe. This will not prevent files from being executed on UNIX because:
|
출처 : http://blog.naver.com/incoinco
댓글