operating_systems:linux:debian:cleanmachine
cleanMachine.sh
A small script to perform virus analysis with clamscan on NTFS formated hard disk (useful with nfsbooted distribution)
The necessary packages is:
aptitude install ntfsprogs
and finally the script:
#!/bin/bash SRC=/dev/sda1 TARGET=/mnt TYPE=ntfs IP=`ifconfig eth0 | grep inet | awk '{ print $2 }' | sed 's/addr://' | grep .` TODAY=`date +%F_%R` CLAMTMPDIR=/var/lib/clamav/tmp CLAMLOG="$CLAMTMPDIR/$IP""_$TODAY.log" echo -n "Mounting $SRC on $TARGET... " if ! mount -l | grep -c $SRC >/dev/null; then mount -t $TYPE $SRC $TARGET 2>&1 >/dev/null if [ $? == 0 ]; then echo "SUCCESS" else echo "FAILED" echo "ABORTING!" exit fi else echo "ALREADY MOUNTED" fi #/etc/init.d/clamav-freshclam restart touch $CLAMLOG echo "Analysis started..." > $CLAMLOG echo "The analysis will start soon..." echo -n "If you want to follow the work in progress, use: " echo "tail -n 30 -f $CLAMLOG" echo echo -n "Checking for viruses..." VIRUS=0 clamscan -ri --quiet --tempdir=$CLAMTMPDIR --log=$CLAMLOG $TARGET >>$CLAMLOG 2>&1 if [ $? == 1 ]; then VIRUS=1 echo ":-(" else echo ":-)" fi echo -n "Unmounting $SRC from $TARGET... " umount $TARGET if [ $? == 0 ]; then echo "SUCCESS" else echo "FAILED" exit fi #prepare this to remove eventual viruses #aptitude install ntfsprogs -- THE PRESENCE OF ntfsmount IS NOT YET CHECKED if [ $VIRUS ]; then echo -n "Mounting $SRC on $TARGET with ntfsmount..." ntfsmount $SRC $TARGET if [ $? == 0 ]; then echo "SUCCESS" echo "Use clamscan --remove $SRC/.../theInfectedFile to remove viruses found (see $CLAMLOG)!" else echo "FAILED" fi fi exit
operating_systems/linux/debian/cleanmachine.txt · Last modified: 2011/08/15 05:37 by sbolay