AmsLaptopAntivirus (revision 4)

"Daily" clamav database update procedure

1. ssh data@pcpoc30

2. cd ~/freshclam

3. mv daily.cvd daily.cvd.curr; mv bytecode.cvd bytecode.cvd.curr; mv main.cvd main.cvd.curr

4. Open a browser (on any machine) at: https://www.clamav.net/downloads

4.1 Open the Virus Database tab and copy the link to daily.cvd

5. Run wget on pcpoc30:

[data@pcpoc30 freshclam]$ wget http://database.clamav.net/{main,daily,bytecode}.cvd

6. (TODO: bash command) Remove each freshly downloaded XXX.cvd that has the same size (better: the same md5) as XXX.cvd.curr

7. Copy the updated files to amslaptop2

[data@pcpoc30 freshclam]$ scp ./*.cvd ams@amslaptop2:~/freshclam/

8. ssh to amslaptop2

[data@pcpoc30 freshclam]$ ssh ams@amslaptop2

9. Run the clamav scan manually on amslaptop2

[ams@amslaptop freshclam]$ sudo /home/ams/eAss/scripts/run-clamav.sh

10. Wait for the scan to finish and check whether any infected files were found


SCAN SUMMARY -----------
Known viruses: 6299082
Engine version: 0.99.2
Scanned directories: 19135
Scanned files: 212942
Infected files: 0
Data scanned: 6833.84 MB
Data read: 7775.82 MB (ratio 0.88:1)
Time: 2382.783 sec (39 m 42 s)

11. If everything is OK, proceed with the AMS laptop:

Wait for a "long" AOS and follow the procedure in elog: https://ams-vobox04.cern.ch/elog/DATA/1822

=============================
AMS Laptop Antivirus definitions update procedure
=============================

1) Open Ku-Fwd in the usual way
2) Run the script 'kufwd-update-clamav-db'
3) Stop Ku-Fwd
3) Wait until the next antivirus scan (it is performed at 04:00, 12:00, 20:00 GMT every day).
4) Wait another 40 mins for the scan to complete
5) Perform another file downlink to check the new definitions date.
--- check it with Mike: 6) Give a call to OC on his/her loop and let him/her know that the AMS laptop antivirus was updated to 'date you got'.  NOTE: No more DSR - No need to "Ask OC to post it in DSR (Daily summary report)."

12. Rename *.cvd to *.cvd.curr on pcpoc30
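
Step 6 above leaves its bash command as a TODO. One way to write it, as an added example that is not part of the original page: the function name `prune_unchanged_cvd` is hypothetical, and it compares with `cmp` (byte for byte) instead of the size or md5 check the step mentions. It also discards a missing or empty download so that a failed wget is never copied to the laptop.

```bash
#!/bin/bash
# Added example for step 6: drop downloads that are identical to *.cvd.curr.
# Assumes the layout produced by steps 2-5: the directory holds
# main/daily/bytecode .cvd (fresh download) next to .cvd.curr (previous copy).

# Prints the names of the databases that changed and deletes the unchanged
# downloads. Returns 0 if at least one database changed, 1 if there is
# nothing new to copy in step 7.
prune_unchanged_cvd() {
    local dir="$1" db new old rc=1
    for db in main daily bytecode; do
        new="$dir/$db.cvd"
        old="$dir/$db.cvd.curr"
        if [ ! -s "$new" ]; then
            # wget failed or left an empty file: do not ship it to the laptop
            echo "WARNING: $db.cvd missing or empty, skipped" >&2
            rm -f -- "$new"
            continue
        fi
        if [ -f "$old" ] && cmp -s "$new" "$old"; then
            rm -f -- "$new"        # byte-identical to the current copy
        else
            echo "$db.cvd"         # new or changed: keep it for scp
            rc=0
        fi
    done
    return "$rc"
}

# Run against a directory given on the command line, e.g. ~/freshclam
if [ -n "${1:-}" ]; then
    prune_unchanged_cvd "$1" || echo "no new databases, nothing to scp"
fi
```

After this runs, `./*.cvd` in step 7 matches only the databases that actually changed.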

clamav update and scan

0. Manually install clamav on laptop2 with rpm, yumdownloader; scp the virus database to the laptop; wait for cron to run

(see the kufwd-update-clamav-db script as an example: https://ams-vobox04.cern.ch/elog/DATA/1822)

1. laptop2

[ams@amslaptop ~]$ cat /etc/cron.d/clamav-cron
0 4,12,20 * * * root bash /home/ams/eAss/scripts/run-clamav.sh
#10 14 * * * root bash /home/ams/eAss/scripts/run-clamav.sh

2. POCC console

[data@pcpoc00: ~ ] head scripts/kufwd-update-clamav-db.sh
#!/bin/bash

#
# Download and update ClamAV DB on the laptop
#

KUFS='./kufwd-functions.sh' # KuFwd functions
DLS='./download-clamav-db.sh' # ClamAV DB download script

DESTLT=freshclam/ # destination directory on the laptop

3. Check the script running on laptop2:

[root@amslaptop eAss]# cat /home/ams/eAss/scripts/run-clamav.sh

II. Make it automatic

= Add acron jobs on ams-backup.cern.ch to handle the table of versions

Django + python scripts

| ID | Downloaded | Laptop2 | Laptop | Type | Status |
| 1 | 2017.06.19 | 2017.06.19 | 2017.06.19 | main | OK |
| 2 | 2017.06.19 | 2017.06.19 | 2017.06.19 | daily | KO |
| 3 | 2017.06.19 | 2017.06.19 | 2017.06.19 | bytecode | KO |

Topic revision: r4 - 2017-06-30 - AndreyPashnin
 