Lynis and ClamAV installation

Valentine, Administrator

Lynis is an open source security auditing tool used by system administrators, security professionals, and auditors to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.

ClamAV is an open source (GPL) anti-virus engine used in a variety of situations including email scanning, web scanning, and end point security. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates.

0. Preliminary requirements:

"CentOS 7" template installed on server;
"nano" text editor installed (yum install nano -y).

1. Installation of Lynis

mkdir /usr/local/lynis

cd /usr/local/lynis

wget https://cisofy.com/files/lynis-2.3.2.tar.gz

tar -xvf lynis-2.3.2.tar.gz

The newest version can be found at: https://cisofy.com/download/lynis/

2. Using Lynis

To execute Lynis we first have to move to its folder:

cd /usr/local/lynis/lynis

To see the Lynis tutorial, execute:

./lynis

To check the entire VPS, execute:

./lynis --check-all

1. Installation of ClamAV

yum install epel-release

yum update

yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

2. Enabling Freshclam

Freshclam will keep ClamAV up-to-date. In this tutorial it is set to check 4 times a day for new files.

cp /etc/freshclam.conf /etc/freshclam.conf.bak

sed -i '/Example/d' /etc/freshclam.conf

Edit the "clam-freshclam.service" file:

nano /usr/lib/systemd/system/clam-freshclam.service

And paste the content:

# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target

[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target

Enabling freshclam to start automatically:

systemctl enable clam-freshclam.service

systemctl start clam-freshclam.service

3. Configuring ClamAV daemon

cp /usr/share/clamav/template/clamd.conf /etc/clamd.d/clamd.conf

sed -i '/Example/d' /etc/clamd.d/clamd.conf

mv /usr/lib/systemd/system/[email protected] /usr/lib/systemd/system/clamd.service

Now you have to remove the "@" symbol from the "[email protected]" file:

nano /usr/lib/systemd/system/[email protected]

In line:

.include /lib/systemd/system/[email protected]

Now we have to change the clamd service file:

nano /usr/lib/systemd/system/clamd.service

[Unit]
Description = clamd scanner daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target

Now move to the "system" directory:

cd /usr/lib/systemd/system

And enable clamd to start automatically:

systemctl enable clamd.service

systemctl enable [email protected]

systemctl start clamd.service

systemctl start [email protected]
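
The configuration steps above can be sanity-checked before the services are started: clamd and freshclam refuse to run while an active "Example" line remains, and clamd also needs a LocalSocket or TCPSocket directive. The script below is an added example, not part of the original tutorial; its function names and the sample files it writes are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original tutorial): post-setup config checks.

# True when FILE has no active "Example" directive; commented lines are ignored.
conf_is_activated() {
    ! grep -Eq '^[[:space:]]*Example([[:space:]]|$)' "$1"
}

# True when clamd config FILE defines an active LocalSocket or TCPSocket.
clamd_has_socket() {
    grep -Eq '^[[:space:]]*(LocalSocket|TCPSocket)[[:space:]]+[^[:space:]]' "$1"
}

# Print N from "-c N" on the ExecStart line of the freshclam unit FILE.
freshclam_checks_per_day() {
    sed -n 's/^ExecStart[[:space:]]*=.*[[:space:]]-c[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1"
}

# usage: audit_clamav FRESHCLAM_CONF CLAMD_CONF FRESHCLAM_UNIT
audit_clamav() {
    local rc=0 n
    conf_is_activated "$1" || { echo "FAIL: Example still active in $1"; rc=1; }
    conf_is_activated "$2" || { echo "FAIL: Example still active in $2"; rc=1; }
    clamd_has_socket "$2"  || { echo "FAIL: no LocalSocket/TCPSocket in $2"; rc=1; }
    n=$(freshclam_checks_per_day "$3")
    [ -n "$n" ] || { echo "FAIL: no '-c N' in ExecStart of $3"; rc=1; }
    [ "$rc" -ne 0 ] || echo "OK: configs active, freshclam checks ${n}x per day"
    return "$rc"
}

# Constructed sample files (not real system configs) so this runs anywhere.
demo=$(mktemp -d)
printf '%s\n' '## Example config file' 'Example' \
    '#LocalSocket /run/clamd.scan/clamd.sock' > "$demo/clamd.conf"
printf '%s\n' '## Example config file' \
    'DatabaseMirror database.clamav.net' > "$demo/freshclam.conf"
printf '%s\n' '[Service]' \
    'ExecStart = /usr/bin/freshclam -d -c 4' > "$demo/freshclam.unit"

# Reports two failures for the constructed clamd.conf above.
audit_clamav "$demo/freshclam.conf" "$demo/clamd.conf" "$demo/freshclam.unit" || true
```

On the server itself, call audit_clamav with /etc/freshclam.conf, /etc/clamd.d/clamd.conf and /usr/lib/systemd/system/clam-freshclam.service.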

Comments

  • Missing several directories (systems/system...) and commands (systemctl..) (template install VPS CentOS 6 + webmin installation). How to install Clam then?
  • This tutorial is made for CentOS 7. For CentOS 6 you just need to start the clamd service and set it to auto-start. Run these commands:
    /etc/init.d/clamd on
    chkconfig clamd on
    /etc/init.d/clamd start

  • Thanks. I will go from there
