For anyone who runs Ubuntu Server at their company or at home, is studying networking and network security, or is simply paranoid about viruses in the GNU/Linux world, there is a good security application available: Sophos Antivirus for Linux Free Edition.
This tutorial, which I adapted, was originally posted by the user Holmes on the Manjaro Forum.
The step-by-step instructions follow.
1) Download
Download the basic version of Sophos Antivirus for Linux Free Edition.
When the download finishes, extract the archive. In the graphical interface, just right-click it and select Extract Here ("Extrair Aqui"); alternatively, use the command line. If you downloaded it to the Downloads folder of your Ubuntu system, the full command sequence is:
cd /home/seu_usuario/Downloads/
tar -xvf sav-linux-free-9.9.tgz
Here seu_usuario is the username you use on your Ubuntu system!
2) Installation
To install Sophos, run the following command from inside the extracted Sophos folder:
sudo ./install.sh
The installer will then ask you to choose the type of auto-update. Select Sophos.
When asked which version to install, select Free.
It can update either from Sophos directly (requiring username/password details) or from your own server (directory or website (possibly requiring username/password)).
Which type of auto-updating do you want? From Sophos(s)/From own server(o)/None(n) (s)
> s
Do you wish to install the Free (f) or Supported (s) version of SAV for Linux? (s)
> f
3) How do I use it?
To check the status of on-access scanning, run:
/opt/sophos-av/bin/savdstatus
Result:
jeison@jeison-Infoway:~$ /opt/sophos-av/bin/savdstatus
Sophos Anti-Virus is active
To start on-access scanning, run:
sudo service sav-protect start
Terminal output:
jeison@jeison-Infoway:~$ sudo service sav-protect start
start: Job is already running: sav-protect
To run an on-demand scan, use:
savscan /
After the root directory of my Ubuntu system was scanned, the result was:
jeison@jeison-Infoway:~$ savscan /
SAVScan virus detection utility
Version 5.12.0 [Linux/AMD64]
Virus data version 5.13, March 2015
Includes detection for 8899461 viruses, Trojans and worms
Copyright (c) 1989-2015 Sophos Limited. All rights reserved.
System time 11:44:20, System date 05 June 2015
Warning: SWEEP messages loaded from default locale en_GB
Quick Scanning
Could not open /etc/init.d/sav-rms
Could not open /etc/init.d/sav-protect
Could not open /etc/init.d/sav-web
Could not open /etc/subgid-
Could not open /etc/NetworkManager/system-connections/Luiz Viana Helpinfo
Could not open /etc/NetworkManager/system-connections/CEEP_1
Could not open /etc/NetworkManager/system-connections/Jeison-Kertesz
Could not open /etc/NetworkManager/system-connections/CEEP
Could not open /etc/NetworkManager/system-connections/Luiz Viana
Could not open /etc/gshadow-
Could not open /etc/default/cacerts
Could not open /etc/ssl/private (errno is 13)
Could not open /etc/polkit-1/localauthority (errno is 13)
Could not open /etc/passwd-
Could not open /etc/shadow-
Could not open /etc/gshadow
Could not open /etc/sudoers.d/README
Could not open /etc/security/opasswd
Could not open /etc/shadow
Could not open /etc/group-
Could not open /etc/cups/ssl (errno is 13)
Could not open /etc/sudoers
Could not open /etc/ppp/chap-secrets
Could not open /etc/ppp/pap-secrets
Could not open /etc/subuid-
Could not open /vmlinuz
Could not open /var/cache/lightdm/dmrc (errno is 13)
Could not open /var/cache/ldconfig (errno is 13)
Could not open /var/cache/cups/job.cache.O
Could not open /var/cache/apt/archives/lock
Could not open /var/spool/cron/atjobs (errno is 13)
Could not open /var/spool/cron/crontabs (errno is 13)
Could not open /var/spool/cron/atspool (errno is 13)
Could not open /var/spool/rsyslog (errno is 13)
Could not open /var/spool/cups (errno is 13)
Could not open /var/lock/aptitude
Could not open /var/lock/whoopsie/lock
Could not open /var/lib/samba/winbindd_privileged (errno is 13)
Could not open /var/lib/lightdm (errno is 13)
Could not open /var/lib/sudo (errno is 13)
Could not open /var/lib/urandom/random-seed
Could not open /var/lib/polkit-1 (errno is 13)
Could not open /var/lib/ureadahead/pack
Could not open /var/lib/apt/lists/lock
Could not open /var/lib/dpkg/lock
Could not open /var/lib/dpkg/triggers/Lock
Could not open /var/lib/udisks2 (errno is 13)
Could not open /var/log/samba/cores (errno is 13)
Could not open /var/log/btmp
Could not open /var/log/installer/syslog
Could not open /var/log/installer/debug
Could not open /var/log/installer/version
Could not open /var/log/installer/partman
Could not open /var/log/speech-dispatcher (errno is 13)
Could not open /var/run/wpa_supplicant (errno is 13)
Could not open /var/run/udisks2 (errno is 13)
Could not open /var/run/lightdm (errno is 13)
Could not open /var/run/cups/certs (errno is 13)
Could not open /var/run/samba/winbindd_privileged (errno is 13)
Could not open /var/run/samba/ncalrpc/np (errno is 13)
Could not open /home/jeison/.cache/dconf (errno is 13)
>>> Virus 'Troj/Keygen-FU' found in file /home/jeison/Downloads/Office 2010/Ativador/Office 2010 Toolkit.exe
Could not open /home/jeison/.config/enchant (errno is 13)
Could not open /home/jeison/.config/pulse/7a8574166aacb3b03c474f8554e3834d-runtime
Could not open /home/jeison/.mozilla/firefox/hip223b2.default-1402777301759/lock
Could not open /home/lost+found (errno is 13)
Could not open /root (errno is 13)
Could not open /usr/lib/cups/backend/serial
Could not open /usr/lib/cups/backend/gutenprint52+usb
Could not open /usr/lib/virtualbox/VBoxNetDHCP
Could not open /usr/lib/virtualbox/VBoxNetNAT
Could not open /usr/lib/virtualbox/VBoxNetAdpCtl
Could not open /usr/lib/virtualbox/VirtualBox
Could not open /usr/lib/virtualbox/VBoxHeadless
Could not open /usr/lib/virtualbox/VBoxVolInfo
Could not open /usr/lib/virtualbox/VBoxSDL
Could not open /usr/share/doc/google-chrome-stable (errno is 13)
Could not open /usr/local/bin/savscan
Could not open /usr/local/bin/sweep
Could not open /usr/local/etc/sav (errno is 13)
Could not open /lost+found (errno is 13)
Could not open /opt/sophos-av/uninstall.sh
Could not open /opt/sophos-av/lib (errno is 13)
Could not open /opt/sophos-av/bin (errno is 13)
Could not open /opt/sophos-av/etc/sophosav (errno is 13)
Could not open /opt/sophos-av/etc/free_version
Could not open /opt/sophos-av/doc (errno is 13)
Could not open /opt/sophos-av/log (errno is 13)
Could not open /opt/sophos-av/var (errno is 13)
Could not open /opt/sophos-av/uncdownload (errno is 13)
Could not open /opt/sophos-av/share (errno is 13)
Could not open /opt/sophos-av/talpa (errno is 13)
Could not open /opt/sophos-av/update (errno is 13)
Could not open /opt/sophos-av/include (errno is 13)
Could not open /opt/sophos-av/engine (errno is 13)
Could not open /opt/sophos-av/lib64 (errno is 13)
Could not open /opt/sophos-av/tmp (errno is 13)
61810 files scanned in 25 minutes and 53 seconds.
96 errors were encountered.
1 virus was discovered.
1 file out of 61810 was infected.
If you need further advice regarding any detections please visit our
Threat Center at: http://www.sophos.com/en-us/threat-center.aspx
End of Scan.
jeison@jeison-Infoway:~$ B
When it detects an infected file, Sophos denies access to the file and displays a pop-up notification. If the pop-up cannot be displayed, a command-line alert is shown instead.
[...]
>>> Virus 'Troj/Keygen-FU' found in file /home/jeison/Downloads/Office 2010/Ativador/Office 2010 Toolkit.exe
[...]
61810 files scanned in 25 minutes and 53 seconds.
96 errors were encountered.
1 virus was discovered.
1 file out of 61810 was infected.
[...]
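The scan above was started without sudo, so every "Could not open" line is a path savscan did not inspect (errno 13 is EACCES, permission denied). The script below is an added example, not part of the original post or of Sophos: it triages a saved savscan transcript into detections and skipped paths. The function names, exit codes and the shortened sample log are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: triage a saved savscan transcript, e.g. from
#   savscan / > scan.log 2>&1
# Function names and exit codes below are this example's own choices.

# Constructed sample: a few lines in the format shown on this page,
# with the error count adjusted to match the shortened log.
sample_log() {
cat <<'EOF'
Could not open /etc/shadow
Could not open /etc/ssl/private (errno is 13)
Could not open /root (errno is 13)
>>> Virus 'Troj/Keygen-FU' found in file /home/jeison/Downloads/Office 2010/Ativador/Office 2010 Toolkit.exe
Could not open /var/lib/dpkg/lock
61810 files scanned in 25 minutes and 53 seconds.
4 errors were encountered.
1 virus was discovered.
EOF
}

# One "threat<TAB>path" line per detection; paths may contain spaces.
sav_detections() {
  tab=$(printf '\t')
  sed -n "s/^>>> Virus '\([^']*\)' found in file \(.*\)\$/\1${tab}\2/p"
}

# Paths savscan could not read, i.e. content that was never scanned.
sav_skipped() {
  sed -n 's/^Could not open \(.*\)$/\1/p' | sed 's/ (errno is [0-9]*)$//'
}

# Read a transcript on stdin and print a one-line summary.
# Returns 1 on any detection, 2 if clean but coverage was incomplete, else 0.
sav_triage() {
  log=$(cat)
  hits=$(printf '%s\n' "$log" | sav_detections | wc -l | tr -d ' ')
  skipped=$(printf '%s\n' "$log" | sav_skipped | wc -l | tr -d ' ')
  # savscan's own error total, to cross-check against the lines we counted
  reported=$(printf '%s\n' "$log" |
    sed -n 's/^\([0-9][0-9]*\) errors* w[a-z]* encountered\.$/\1/p')
  echo "detections=$hits skipped=$skipped reported_errors=${reported:-0}"
  [ "$hits" -eq 0 ] || return 1
  [ "$skipped" -eq 0 ] || return 2
}

sample_log | sav_triage || echo "scan needs attention (exit $?)"
```

The paths printed by sav_skipped are the ones to cover in a second scan run with sufficient privileges.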
And "have fun"...!!!
For anyone who wants to read Holmes's original post, click here.