2016-10-12
安裝 linux Centos 6.8 x32 …..(我裝 x64 設不起來 …改天再研究 … CentOS 7 改天再試)
安裝 compile 工具 gcc , g++ 等等開發工具
趨勢下載區 : http://downloadcenter.trendmicro.com/
掃描引擎(X32的) engv_linux_xxx-xxxx.zip
解開為 libvsapi.so
放於 /etc/iscan 下面
病毒檔 Enterprise Pattern - Unix
ptnXXX.tar 檔 解開為 lpt$vpn.XXX
放於 /etc/iscan 下面
./configure --disable-clamav
make
make install
groupadd havp
useradd -g havp havp
修改 /usr/local/etc/havp/havp.config
### 理論上越多的執行緒效能效能越好, 但仍需視伺服器資源而定 看需求
# Default:
# SERVERNUMBER 8
# MAXSERVERS 100
### 只記錄 error log. 較少的 Log 記錄可減輕伺服器負擔 看需求
LOGLEVEL 0
### 不對圖片檔掃毒, 可減輕 CPU 負擔 看需求
SCANIMAGES false
#####
##### Trend Micro Library Scanner (Trophie)
#####
ENABLETROPHIE true
修改 rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
# size= 512m RAM disk ...這樣掃描才會快
mount -t tmpfs -o size=512m tmpfs /mnt/ramdisk
ln -s /mnt/ramdisk /var/tmp/havp
mount -o mand /mnt/ramdisk
chown havp /var/tmp/havp /var/log/havp /var/run/havp
chmod 700 /var/tmp/havp /var/log/havp /var/run/havp
/etc/init.d/havp start
touch /var/lock/subsys/local
執行 rc.local
看服務是否有
/usr/local/sbin/havp -c /usr/local/etc/havp/havp.config
netstat -na |grep 8080
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
linux 防火牆要開 8080 服務
這樣將 web 導向這台 linux port 8080 就可
可觀看 log
有病毒時會在 /var/log/havp/error.log
tail -f /var/log/havp/access.log
12/10/2016 08:33:39 === Starting HAVP Version: 0.92
12/10/2016 08:33:39 Running as user: havp, group: havp
12/10/2016 08:33:39 --- Initializing Trend Micro Library Scanner
12/10/2016 08:33:40 Trophie: Loaded 718104 signatures (pattern 12.651.00 / engine 9.850-1008)
12/10/2016 08:33:40 Trend Micro Library Scanner passed EICAR virus test (Eicar_test_file)
12/10/2016 08:33:40 --- All scanners initialized
12/10/2016 08:33:40 Process ID: 1749