cesemj
asked on
configure clamav to automatically move files to an quarantine folder
I inherited a system with clamav on ubuntu 12.04 and I am trying to get it to scan whenever a file is uploaded and move the infected file to a quarantine folder. I am researching on line for a php plugin for clamav but I still thought clamav should be working in the background.
Please share any examples on how to configure clamav to automatically move files to an quarantine folder
clamd.txt
Please share any examples on how to configure clamav to automatically move files to an quarantine folder
clamd.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your input: I found the following article and are testing the following cron command I entered as root:
echo "*/5 * * * * /usr/bin/find /var/www/testbuild.tv/site /fileuploa ds/* -mmin -7 -type f -exec /usr/bin/clamdscan --remove {} \ --log=/var/log/clamav/remo vedfiles.l og; > /dev/null 2>&1" >> /var/spool/cron/root
I restarted the cron service and did crontab -l but do not see the cronjob. I did not receive an error when I typed the command..
The goal of the cronjob syntax is to run clamdscan every 5 mins against a specific directory tree and remove all infected files and log the results.
Please tell me what you think.
echo "*/5 * * * * /usr/bin/find /var/www/testbuild.tv/site
I restarted the cron service and did crontab -l but do not see the cronjob. I did not receive an error when I typed the command..
The goal of the cronjob syntax is to run clamdscan every 5 mins against a specific directory tree and remove all infected files and log the results.
Please tell me what you think.
can also check out this script as reference for scheduled task via cron, grep infected and piped to your desired quarantine folde using --move=DIRECTORY where this option will move infected files into DIRECTORY. Directory must be writable for the '' user or unprivileged user running clamscan.
https://code.google.com/p/clamav-cron/
https://hacking.im/automated-clam-antivirus-scanning-for-centos-servers
man - http://linux.die.net/man/1/clamscan
https://code.google.com/p/clamav-cron/
https://hacking.im/automated-clam-antivirus-scanning-for-centos-servers
man - http://linux.die.net/man/1/clamscan
ASKER
thanks for the update
Assign the status of running clamdscan filename to a variable. Then check the status and on this basis, you change the location where the file goes.
Have not used clam recently, but do not believe it has an option I.e "clamdscan filename good_folder quarantine" which is what would be needed. Note also that an automatic handling by the scanner, will not provide feedback to the user.