创建/tools/ 文件夹,并将需要的软件包上传到该目录下

# mkdir -p /tools/ && cd /tools/

# tar -xzvf chang.tar.gz

# cd chang/

1、安装jre

# mkdir -p /usr/java/

# tar -xzvf jre-8u261-linux-x64.tar.gz -C /usr/java/

# chown -R root.root /usr/java/

# cat >> /etc/Symantec.conf << EOF

[Symantec Shared]

BaseDir=/opt/Symantec

JAVA_HOME=/usr/java/jre1.8.0_261/bin

EOF

jre下载地址:https://www.oracle.com/java/technologies/javase-server-jre8-downloads.html

2、复制jce

# apt install unzip

# unzip jce_policy-8.zip -d jce_policy

# cp -av jce_policy/UnlimitedJCEPolicyJDK8/* /usr/java/jre1.8.0_261/lib/security/

jce下载地址:https://www.oracle.com/java/technologies/javase-jce8-downloads.html

3、安装依赖包

# apt-get update

# dpkg --add-architecture i386

# apt-get install libc6:i386 libx11-6:i386 libncurses5:i386 libstdc++6:i386 -y

# apt-get install lib32ncurses5 lib32z1 -y

# apt-get install sharutils -y

# apt-get install ncompress -y

# apt-get install linux-headers-$(uname -r) build-essential -y

4、安装

# unzip SEP-deb.zip

# chmod 777 SEP-deb/install.sh

# SEP-deb/install.sh -i

Starting to install Symantec Endpoint Protection for Linux

Performing pre-check...

dpkg-query: no packages found matching unity

Pre-check succeeded

dpkg-query: no packages found matching unity

Begin installing virus protection component

Selecting previously unselected package sav.

(Reading database ... 144383 files and directories currently installed.)

Preparing to unpack .../SEP-deb/./Repository/sep.deb ...

Performing pre-check...

Pre-check is successful

Unpacking sav (12.1.6867-6400) ...

Setting up sav (12.1.6867-6400) ...

Processing triggers for systemd (237-3ubuntu10.38) ...

Processing triggers for ureadahead (0.100.0-21) ...

Processing triggers for man-db (2.8.3-2ubuntu0.1) ...

Virus protection component installed successfully

Begin installing Auto-Protect component

Selecting previously unselected package savap.

(Reading database ... 144442 files and directories currently installed.)

Preparing to unpack ..././Repository/sepap-x64.deb ...

Performing pre-check...

Pre-check is successful

Unpacking savap (12.1.6867-6400) ...

Setting up savap (12.1.6867-6400) ...

Processing triggers for systemd (237-3ubuntu10.38) ...

Processing triggers for ureadahead (0.100.0-21) ...

Auto-Protect component installed successfully

Begin installing GUI component

Selecting previously unselected package savui.

(Reading database ... 144465 files and directories currently installed.)

Preparing to unpack .../SEP-deb/./Repository/sepui.deb ...

Performing pre-check...

Pre-check is successful

Unpacking savui (12.1.6867-6400) ...

Setting up savui (12.1.6867-6400) ...

Processing triggers for man-db (2.8.3-2ubuntu0.1) ...

Processing triggers for mime-support (3.60ubuntu1) ...

GUI component installed successfully

Begin installing LiveUpdate component

Selecting previously unselected package savjlu.

(Reading database ... 144472 files and directories currently installed.)

Preparing to unpack ..././Repository/sepjlu.deb ...

Performing pre-check...

Pre-check is successful

Unpacking savjlu (12.1.6867-6400) ...

Setting up savjlu (12.1.6867-6400) ...

LiveUpdate component installed successfully

Begin installing legacy Auto-Protect component

Legacy Auto-Protect component installed successfully

Pre-compiled Auto-Protect kernel modules are not loaded yet, need compile them from source code

Build Auto-Protect kernel modules from source code successfully

Installation completed

=============================================================

Daemon status:

symcfgd [running]

rtvscand [running]

smcd [running]

=============================================================

Drivers loaded:

symap_custom_4_15_0_76_generic_x86_64

symev_custom_4_15_0_76_generic_x86_64

=============================================================

Auto-Protect starting

Protection status:

Definition: Waiting for update.

AP: Malfunctioning

=============================================================

The log files for installation of Symantec Endpoint Protection for Linux are under ~/:

sepfl-install.log

sep-install.log

sepap-install.log

sepap-legacy-install.log

sepui-install.log

sepjlu-install.log

sepfl-kbuild.log

5、让AP变成Enabled状态,需要的三个条件:

(1)symev和symap两个驱动被正确加载到内核里

# lsmod | grep -E "symev|symap"

symap_custom_4_15_0_76_generic_x86_64 49152 28

symev_custom_4_15_0_76_generic_x86_64 90112 2 symap_custom_4_15_0_76_generic_x86_64

(2)当前的SEP已经成功加载了一份病毒定义(无论新旧)

下载地址:

https://www.broadcom.com/support/security-center/definitions/download/detail?gid=sep

例如:

# wget https://definitions.symantec.com/defs/20200813-002-core15unix.sh

# chmod 777 20200813-002-core15unix.sh

# ./20200813-002-core15unix.sh

(3)rtvscand等SEP相关服务已经正常启动

/etc/init.d/symcfgd status

/etc/init.d/rtvscand status

/etc/init.d/smcd status

/etc/init.d/autoprotect status

# 启动服务命令

/etc/init.d/symcfgd start

/etc/init.d/rtvscand start

/etc/init.d/smcd start

/etc/init.d/autoprotect start

# 关闭服务命令

/etc/init.d/autoprotect stop

/etc/init.d/smcd stop

/etc/init.d/rtvscand stop

/etc/init.d/symcfgd stop

6、将服务加入开机自启动

systemctl enable symcfgd

systemctl enable rtvscand

systemctl enable smcd

systemctl enable autoprotect

7、其它命令

# 查看帮助信息

# /opt/Symantec/symantec_antivirus/sav -h

# 查看产品版本

# /opt/Symantec/symantec_antivirus/sav info -p

12.1.6 (12.1 RU6 MP4) build 6867 (12.1.6867.6400)

# 开启自动防护

# /opt/Symantec/symantec_antivirus/sav autoprotect -e

# 关闭自动防护

# /opt/Symantec/symantec_antivirus/sav autoprotect -d

#查看auto-protect是否enable

/opt/Symantec/symantec_antivirus/sav info -a

Enabled

# 查看病毒定义是否升级

# /opt/Symantec/symantec_antivirus/sav info -d

08/13/2020 rev. 2

# 查看扫描信息

# /opt/Symantec/symantec_antivirus/sav info -s

General Status: Done

Manual Scan: Done

每日调度扫描: Never run

# 查看扫描日志

# cat /var/symantec/Logs/AVMan.log

# cat /var/symantec/Logs/AVMan.log

00080000 00080000 00000003 00000002 00000002 0000001e

000000fa 01d6719baf89e92a 01d6719bad937500 01d6719bad937500 00000001 32070D120032,3,2,0,NAS,root,,,,,,,16777216,"Scan s

tarted on all drives and all extensions.",1597341652,,0,,,,,0,,,,,,,,,,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,,00000126 01d6719c02f69112 01d6719c0236f000 01d6719c0236f000 00000001 32070D12030C,2,2,0,NAS,root,,,,,,,16777216,"Scan C

omplete: Threats: 0 Scanned: 0 Files/Folders/Drives Omitted: 314541",1597341652,,0,0:0:0:314541,,,,0,,,,,,,,,,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,,0000010f 01d671a600cc8248 01d671a360b39c80 01d671a360b39c80 00000001 32070D123739,5,1,2,NAS,root,EICAR Test String,/too

ls/eicar.com,5,1,1,256,33574980,"",0,,0,,994050048,11101,0,0,0,,,,20200813.002,208156,0,,0,,,,,,,00:50:56:8d:15:dc,12.1.6867.6400,,,,,,,,,,,,,,,,0,,,0,

# eicar.com 是从 https://www.eicar.org/?page_id=3950 网站上下载的测试病毒,放入Linux中后被拦截。

参考文章:

https://blog.csdn.net/gdlwx/article/details/106709181

https://545c.com/dir/17401394-28826326-bf937e

ubuntu 18.4LTS 安装12.1.6赛门铁克防病毒系统的更多相关文章

  1. Symantec(赛门铁克)非受管检测

    为了查找局域网内没有安装赛门铁克客户端的IP,采用Symantec Endpoint Protect Manager 的非受管检测机制进行网段扫描. 非受管检测机制的原理是:每台电脑开机时都会向同网段 ...

  2. 赛门铁克通配符SSL证书,一张通配型证书实现全站加密

      赛门铁克通配型SSL证书,验证域名所有权和企业信息,属于企业验证(OV) 级SSL证书,最高支持256位加密.申请通配符SSL证书可以保护相同主域名下无限数量的多个子域名(主机).例如,一个通配符 ...

  3. 赛门铁克扩展验证EV SSL证书

      申请EV SSL证书,将接受最严格验证企业域名所有权和企业身份信息,属于最高信任级别扩展验证(EV)的 EV SSL证书,最高达256位自适应加密.Symantec不仅提供先进的SSL加密技术,同 ...

  4. 费用最少的一款赛门铁克SSL证书

    Symantec Secure Site SSL证书,验证域名所有权和企业信息,属于Symantec Class 3企业(OV)验证 级SSL证书,为40位/56位/128/256位自适应加密,目前连 ...

  5. 赛门铁克和DigiCert证书有什么区别?

    在众多国人眼里,赛门铁克Symantec名气更胜于DigiCert证书.但是,我们知道2017年赛门铁克因一系列原因被DigiCert收购,品牌名称也被更新为DigiCert Secure Site. ...

  6. 彭博社:博通正在与赛门铁克洽谈收购事宜(博通能买得起 又能讲故事的 没几个了 为了刺激资本的兴趣 只能瞎搞 就和intel 收购 麦咖啡一样。就像杜蕾斯收购美赞臣一样,也许只是纯粹的商业行为,哪行赚钱干哪行)

    彭博社今日消息,知名芯片制造商 Broadcom 公司正在就收购网络安全公司 Symantec 事宜进行高级会谈,因为 Broadcom 希望寻找半导体业务之外的机会,以实现多元化经营. 据称,在彭博 ...

  7. 数据库服务器的监控 赛门铁克 Veritas i3 APM 查找指定时间段最耗服务器资源的TopSQL

  8. 解决Chrome 70版本以后谷歌不再信任赛门铁克证书问题

    Google 从 2018 年 10 月发布的 Chrome 70 就停止信任赛门铁克的旧证书了,而 Mozilla 也将在 10 月底发布 Firefox 63 时停止信任赛门铁克的旧证书. 导致大 ...

  9. Ubuntu 18.04 安装MySQL

    最近在写东西的时候,需要用到MySQL,在网上查了一下,都说Ubuntu18.04不能安装MySQL5.7.22, 总觉的不可能,所以自己就研究了一下,然后分享给大家 工具/原料   VMware W ...

随机推荐

  1. kubernetes客户端client-go使用

    下载地址: https://github.com/kubernetes/client-go 官方使用文档参考:https://v1-16.docs.kubernetes.io/docs/referen ...

  2. [bug] C:error: initializer element is not constant

    参考 http://codingdict.com/questions/45121

  3. Docker存储(4)

    一.docker存储资源类型 用户在使用 Docker 的过程中,势必需要查看容器内应用产生的数据,或者需要将容器内数据进行备份,甚至多个容器之间进行数据共享,这必然会涉及到容器的数据管理 (1)Da ...

  4. 任务相关的API函数-uxTaskGetSystemState

    uxTaskGetSystemState:此函数用于获取系统中所有的任务状态,每个任务的状态信息保存在一个TaskStatus_t类型的结构体里面.要使用此函数必须把 configUSE_TRACE_ ...

  5. 解决idea查不到插件

    http://127.0.0.1:1080

  6. Scrapy的Request和Response

    Scrapy的Request和Response   本文链接:https://blog.csdn.net/kissazhu/article/details/80865773 上节课我们学习了中间件,知 ...

  7. LogMysqlApeT

    with LogMysqlApeT(db) as m_client: condition = "select * from {} where deleted=0 ".format( ...

  8. GO学习-(3) VS Code配置Go语言开发环境

    VS Code配置Go语言开发环境 VS Code配置Go语言开发环境 说在前面的话,Go语言是采用UTF8编码的,理论上使用任何文本编辑器都能做Go语言开发.大家可以根据自己的喜好自行选择.编辑器/ ...

  9. Tensorflow 2.0 搭建神经网络(局部)

    前向传播 tensorflow.keras 搭建网络时,内部的网络可以直接完成所有层的前向计算.全连接Dense() 层,最后一层的神经元的个数需要和最后一层线性函数 w x + b 的维度对应上,中 ...

  10. 改进遗传算法之CHC算法简要介绍

    简要介绍: CHC算法是Eshelman于1991年提出的一种改进的遗传算法的缩称,第一个C代表跨世代精英选择(Cross generational elitist selection)策略, H代表 ...