-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathClamv Av Auto Scan
71 lines (68 loc) · 3.03 KB
/
Clamv Av Auto Scan
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#Run the command as sudo
#Install clam and mail prerequisites
apt-get update
apt-get install clamav-daemon sendmail mailutils sendmail-bin
# Stop some clam services then update it, otherwise you might get an error when updating.
# If using a firewall, you might what to whitelist the clam url incase the updates fail.
sudo service clamav-freshclam stop
sudo freshclam
#Start the services once update is done
sudo service clamav-freshclam start
##Scan script Directory
#the Script folder will hold the scripts, while the scanresult will hold the scan result
mkdir -p /home/Scripts/scanresult/
cd /home/Scripts/
#Create File for Daily Scan. You can modify this script to seach other directories and add more clam options
vi Dailyscan.sh
#!/bin/bash
timestamp=$(date "+%Y.%m.%d")
scan=$(hostname).$timestamp.Daily.txt
myhome=$(hostname | cut -d . -f1)
mymail=$myhome
mysupport="[email protected]"
status=$?
echo "Subject:Daily Scan Report For $(hostname | cut -d . -f1) On $(date "+%Y.%m.%d")" > /home/Scripts/scanresult/$scan
echo "MIME-Version: 1.0" >> /home/Scripts/scanresult/$scan
echo "Content-Type: text/plain" >> /home/Scripts/scanresult/$scan
echo "From: $myhome<$mymail>" >> /home/Scripts/scanresult/$scan
echo "Sender:$myhome <$mymail>" >> /home/Scripts/scanresult/$scan
echo -en '\n' >> /home/Scripts/scanresult/$scan
sudo clamscan -i -r /123/123/123/ /12/lo34/ >> /home/Scripts/scanresult/$scan
if [ "$status" = "0" ]; then
/usr/sbin/sendmail $mysupport < /home/Scripts/scanresult/$scan
else
echo "Subject:Scan Report For $(hostname | cut -d . -f1) On $(date "+%Y.%m.%d") Failed" | sudo /usr/sbin/sendmail $mysupport
fi
##Save the file and give it executable permission.
sudo chmod -R 755 /home/Scripts/
##We will use cronjobs to make the script run daily or weekly or monthly. The job i
sudo crontab -e
0 16 1 * * /home/Scripts/Monthlyscan.sh >/dev/null 2>&1
0 13 * * 7 /home/Scripts/Weeklyscan.sh >/dev/null 2>&1
0 10 * * * /home/Scripts/Dailyscan.sh >/dev/null 2>&1
##Configure gmail relay
mkdir -m 700 /etc/mail/authinfo/
cd /etc/mail/authinfo/
vi gmail-auth
AuthInfo: "U:root" "I:[email protected]" "P:mypassword"
#save the file.
#Run the makemap commnad
makemap hash gmail-auth < gmail-auth
#Put bellow lines into your sendmail.mc configuration file right above first "MAILER" definition line:
vi /etc/mail/sendmail.mc
define(`SMART_HOST',`[smtp.gmail.com]')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo',`hash -o /etc/mail/authinfo/gmail-auth.db')dnl
#save file
make -C /etc/mail
/etc/init.d/sendmail reload
#Test if the mail work
echo "Just testing my sendmail gmail relay" | mail -s "Sendmail gmail Relay" [email protected]
---------End---------
if everything was setup well, clam will run and send reports to your email. You might want to run the script manualluy first to be sure it work.
cd /home/Scripts/
./Dailyscan.sh