Installing Symantec Endpoint Protection 12.1.6 antivirus on Ubuntu 18.04 LTS
Create the /tools/ directory and upload the required packages to it
# mkdir -p /tools/ && cd /tools/
# tar -xzvf chang.tar.gz
# cd chang/
1. Install the JRE
# mkdir -p /usr/java/
# tar -xzvf jre-8u261-linux-x64.tar.gz -C /usr/java/
# chown -R root:root /usr/java/
# cat >> /etc/Symantec.conf << EOF
[Symantec Shared]
BaseDir=/opt/Symantec
JAVA_HOME=/usr/java/jre1.8.0_261/bin
EOF
JRE download: https://www.oracle.com/java/technologies/javase-server-jre8-downloads.html
2. Copy the JCE policy files
# apt install unzip
# unzip jce_policy-8.zip -d jce_policy
# cp -av jce_policy/UnlimitedJCEPolicyJDK8/* /usr/java/jre1.8.0_261/lib/security/
JCE download: https://www.oracle.com/java/technologies/javase-jce8-downloads.html
3. Install the dependencies
# dpkg --add-architecture i386
# apt-get update
# apt-get install libc6:i386 libx11-6:i386 libncurses5:i386 libstdc++6:i386 -y
# apt-get install lib32ncurses5 lib32z1 -y
# apt-get install sharutils -y
# apt-get install ncompress -y
# apt-get install linux-headers-$(uname -r) build-essential -y
4. Install
# unzip SEP-deb.zip
# chmod 700 SEP-deb/install.sh
# SEP-deb/install.sh -i
Starting to install Symantec Endpoint Protection for Linux
Performing pre-check...
dpkg-query: no packages found matching unity
Pre-check succeeded
dpkg-query: no packages found matching unity
Begin installing virus protection component
Selecting previously unselected package sav.
(Reading database ... 144383 files and directories currently installed.)
Preparing to unpack .../SEP-deb/./Repository/sep.deb ...
Performing pre-check...
Pre-check is successful
Unpacking sav (12.1.6867-6400) ...
Setting up sav (12.1.6867-6400) ...
Processing triggers for systemd (237-3ubuntu10.38) ...
Processing triggers for ureadahead (0.100.0-21) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Virus protection component installed successfully
Begin installing Auto-Protect component
Selecting previously unselected package savap.
(Reading database ... 144442 files and directories currently installed.)
Preparing to unpack ..././Repository/sepap-x64.deb ...
Performing pre-check...
Pre-check is successful
Unpacking savap (12.1.6867-6400) ...
Setting up savap (12.1.6867-6400) ...
Processing triggers for systemd (237-3ubuntu10.38) ...
Processing triggers for ureadahead (0.100.0-21) ...
Auto-Protect component installed successfully
Begin installing GUI component
Selecting previously unselected package savui.
(Reading database ... 144465 files and directories currently installed.)
Preparing to unpack .../SEP-deb/./Repository/sepui.deb ...
Performing pre-check...
Pre-check is successful
Unpacking savui (12.1.6867-6400) ...
Setting up savui (12.1.6867-6400) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for mime-support (3.60ubuntu1) ...
GUI component installed successfully
Begin installing LiveUpdate component
Selecting previously unselected package savjlu.
(Reading database ... 144472 files and directories currently installed.)
Preparing to unpack ..././Repository/sepjlu.deb ...
Performing pre-check...
Pre-check is successful
Unpacking savjlu (12.1.6867-6400) ...
Setting up savjlu (12.1.6867-6400) ...
LiveUpdate component installed successfully
Begin installing legacy Auto-Protect component
Legacy Auto-Protect component installed successfully
Pre-compiled Auto-Protect kernel modules are not loaded yet, need compile them from source code
Build Auto-Protect kernel modules from source code successfully
Installation completed
=============================================================
Daemon status:
symcfgd [running]
rtvscand [running]
smcd [running]
=============================================================
Drivers loaded:
symap_custom_4_15_0_76_generic_x86_64
symev_custom_4_15_0_76_generic_x86_64
=============================================================
Auto-Protect starting
Protection status:
Definition: Waiting for update.
AP: Malfunctioning
=============================================================
The log files for installation of Symantec Endpoint Protection for Linux are under ~/:
sepfl-install.log
sep-install.log
sepap-install.log
sepap-legacy-install.log
sepui-install.log
sepjlu-install.log
sepfl-kbuild.log
5. Three conditions must be met for AP (Auto-Protect) to reach the Enabled state:
(1) The symev and symap drivers are correctly loaded into the kernel
# lsmod | grep -E "symev|symap"
symap_custom_4_15_0_76_generic_x86_64 49152 28
symev_custom_4_15_0_76_generic_x86_64 90112 2 symap_custom_4_15_0_76_generic_x86_64
(2) SEP has successfully loaded a set of virus definitions (whether new or old)
Download:
https://www.broadcom.com/support/security-center/definitions/download/detail?gid=sep
For example:
# wget https://definitions.symantec.com/defs/20200813-002-core15unix.sh
# chmod 700 20200813-002-core15unix.sh
# ./20200813-002-core15unix.sh
(3) rtvscand and the other SEP services have started normally
/etc/init.d/symcfgd status
/etc/init.d/rtvscand status
/etc/init.d/smcd status
/etc/init.d/autoprotect status
# Commands to start the services
/etc/init.d/symcfgd start
/etc/init.d/rtvscand start
/etc/init.d/smcd start
/etc/init.d/autoprotect start
# Commands to stop the services
/etc/init.d/autoprotect stop
/etc/init.d/smcd stop
/etc/init.d/rtvscand stop
/etc/init.d/symcfgd stop
6. Enable the services at boot
systemctl enable symcfgd
systemctl enable rtvscand
systemctl enable smcd
systemctl enable autoprotect
7. Other commands
# Show the help information
# /opt/Symantec/symantec_antivirus/sav -h
# Show the product version
# /opt/Symantec/symantec_antivirus/sav info -p
12.1.6 (12.1 RU6 MP4) build 6867 (12.1.6867.6400)
# Enable Auto-Protect
# /opt/Symantec/symantec_antivirus/sav autoprotect -e
# Disable Auto-Protect
# /opt/Symantec/symantec_antivirus/sav autoprotect -d
# Check whether Auto-Protect is enabled
# /opt/Symantec/symantec_antivirus/sav info -a
Enabled
# Check whether the virus definitions have been updated
# /opt/Symantec/symantec_antivirus/sav info -d
08/13/2020 rev. 2
# Show scan information
# /opt/Symantec/symantec_antivirus/sav info -s
General Status: Done
Manual Scan: Done
每日调度扫描: Never run
# View the scan log
# cat /var/symantec/Logs/AVMan.log
00080000 00080000 00000003 00000002 00000002 0000001e
000000fa 01d6719baf89e92a 01d6719bad937500 01d6719bad937500 00000001 32070D120032,3,2,0,NAS,root,,,,,,,16777216,"Scan started on all drives and all extensions.",1597341652,,0,,,,,0,,,,,,,,,,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,,
00000126 01d6719c02f69112 01d6719c0236f000 01d6719c0236f000 00000001 32070D12030C,2,2,0,NAS,root,,,,,,,16777216,"Scan Complete: Threats: 0 Scanned: 0 Files/Folders/Drives Omitted: 314541",1597341652,,0,0:0:0:314541,,,,0,,,,,,,,,,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,,
0000010f 01d671a600cc8248 01d671a360b39c80 01d671a360b39c80 00000001 32070D123739,5,1,2,NAS,root,EICAR Test String,/tools/eicar.com,5,1,1,256,33574980,"",0,,0,,994050048,11101,0,0,0,,,,20200813.002,208156,0,,0,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,0,
# eicar.com is the test virus downloaded from https://www.eicar.org/?page_id=3950; it was blocked after being placed on the Linux host.
References:
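The AVMan.log records shown above are comma-separated, with a hex-encoded timestamp in front. As an added example (not part of the original post and not Symantec tooling), this parser pulls the detections out of such records; the field positions, the timestamp layout and the event names are assumptions inferred from the three records on this page.

```python
import csv
from datetime import datetime

# Event names inferred from the three records on this page (assumption).
EVENTS = {"2": "scan_complete", "3": "scan_started", "5": "threat_found"}

# Constructed from the page's AVMan.log output: records re-joined to one per
# line and truncated after the description field; the first entry is the header.
SAMPLE = [
    "00080000 00080000 00000003 00000002 00000002 0000001e",
    "000000fa 01d6719baf89e92a 01d6719bad937500 01d6719bad937500 00000001 "
    '32070D120032,3,2,0,NAS,root,,,,,,,16777216,'
    '"Scan started on all drives and all extensions."',
    "0000010f 01d671a600cc8248 01d671a360b39c80 01d671a360b39c80 00000001 "
    "32070D123739,5,1,2,NAS,root,EICAR Test String,/tools/eicar.com,"
    '5,1,1,256,33574980,""',
]


def decode_time(hex12):
    """Six hex bytes (assumed layout): year-1970, month-1, day, hour, min, sec."""
    year, month, day, hour, minute, second = bytes.fromhex(hex12)
    return datetime(1970 + year, month + 1, day, hour, minute, second)


def parse_record(line):
    """Return a dict for one event record, or None for the header or garbage."""
    fields = next(csv.reader([line]), [])
    if len(fields) < 14:
        return None
    stamp = (fields[0].split() or [""])[-1]  # last word of field 0 is the time
    try:
        when = decode_time(stamp)
    except ValueError:
        return None
    return {"time": when, "event": EVENTS.get(fields[1], "code_" + fields[1]),
            "host": fields[4], "user": fields[5], "threat": fields[6],
            "path": fields[7], "description": fields[13]}


def threats(lines):
    """Keep only the records that name a threat (field 6 is non-empty)."""
    parsed = (parse_record(line) for line in lines)
    return [rec for rec in parsed if rec and rec["threat"]]


if __name__ == "__main__":
    for hit in threats(SAMPLE):
        print(hit["time"].isoformat(), hit["host"], hit["threat"], hit["path"])
```

The decoded time of the scan-start record (18:00:50 on 2020-08-13) is within two seconds of the Unix time 1597341652 carried in the same record, which supports the assumed timestamp layout.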
https://blog.csdn.net/gdlwx/article/details/106709181
https://545c.com/dir/17401394-28826326-bf937e