Wed, May 25, 2022
https://devcodepro.comdevcodepro
Home · Latest · Trends
68

Basic ClamAV SSH Command Line Commands

Basic ClamAV antivirus engine SSH command line commands
service clamd statusCheck status
service clamd startStart service
service clamd stopStop service
service clamd restartRestart service
service clamd reloadReload service
freshclam -VVersion info
clamscan -VVersion info 2
clamscan -hPrint help screen
clamscan -r -iScan all files
clamscan -r -i /homeScan all files in home directory
clamscan -l scanlog.logSave scan report to file
clamscan -r -i /home -l scanlog.logScan all files in home directory and save scan report to file
yum upgrade clamavUpgrade Clamav
yum update clamavUpdate Clamav
rated 68 times (68) (0)
comments: 0 / hits: 7090  / 5 years ago, thu, jan 19, 17, 05:40:32
More From » Plain Text
 

Comments

There are no comments for this Snippet yet
Only authorized users can post. Please sign in first, or register a free account
Login with Google
 
Share
Posted
paki
Member since Sep 7, 2016
Total Code Snippets: 12
Total Comments: 0
Location: n/a
paki snippets
6 years ago, thu, sep 8, 16, 3:04:22
<h3>1. Install Spamassassin [SSH]:</h3> <blockquote>sudo yum install spamassassin</blockquote> <h3>2. Create file filters in /etc/exim/ folder with code:</h3> <blockquote>if $h_X-Spam-Flag: contains "YES" then headers add "Old-Subject: $h_subject" headers remove "Subject" headers add "Subject: ***[SPAM]*** $h_old-subject" headers remove "Old-Subject" endif</blockquote> <h3>3. In etc/exim/exim.conf after this line:</h3> <blockquote># $Cambridge: exim/exim-src/src/configure.default,v 1.14 2009/10/16 07:46:13 tom Exp $</blockquote> put this line: <blockquote>system_filter = /etc/exim/filters</blockquote> <h3>4. In etc/exim/exim.conf replace:</h3> <blockquote>#spamd_address = 127.0.0.1 783</blockquote> with: <blockquote>spamd_address = 127.0.0.1 783</blockquote> <h3>5. In etc/exim/exim.conf replace:</h3> <blockquote># Bypass SpamAssassin checks if the message is too large. # #accept condition = ${if >={$message_size}{100000} {1}} #add_header = X-Spam-Note: SpamAssassin run bypassed due to message size # Run SpamAssassin, but allow for it to fail or time out. Add a warning message # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA # score exceeds the SA system threshold. # #warn spam = nobody/defer_ok #add_header = X-Spam-Flag: YES #add_header = X-Spam-Subject: [SPAM] $h_Subject #accept condition = ${if !def:spam_score_int {1}} #add_header = X-Spam-Note: SpamAssassin invocation failed # Unconditionally add score and report headers # #warn add_header = X-Spam-Score: $spam_score ($spam_bar)n #X-Spam-Report: $spam_report</blockquote> with: <blockquote># Bypass SpamAssassin checks if the message is too large. # # accept condition = ${if >={$message_size}{100000} {1}} # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size # Run SpamAssassin, but allow for it to fail or time out. Add a warning message # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA # score exceeds the SA system threshold. # warn spam = nobody/defer_ok add_header = X-Spam-Flag: YES # accept condition = ${if !def:spam_score_int {1}} add_header = X-Spam-Note: SpamAssassin invocation failed # # Unconditionally add score and report headers # warn add_header = X-Spam-Report: $spam_report</blockquote> <h3>6. Check this code exist in /etc/mail/spamassassin/local.cf</h3> <blockquote># These values can be overridden by editing ~/.spamassassin/user_prefs.cf # (see spamassassin(1) for details) # These should be safe assumptions and allow for simple visual sifting # without risking lost emails. required_hits 5 report_safe 0 rewrite_header Subject [SPAM] required_score 1.3</blockquote> <h3>7. Restart Spamassassin [SSH]:</h3> <blockquote>/etc/init.d/spamassassin restart</blockquote> <h3>8. Restart Exim [SSH]:</h3> <blockquote>service exim restart</blockquote>
comments: 0 / hits: 5800
6 years ago, wed, dec 28, 16, 4:11:52
<table> <tr> <td>csf -v</td><td>Show csf version</td> </tr> <tr> <td>csf -l</td><td>Status</td> </tr> <tr> <td>csf -l6</td><td>List/Show the IPv6 ip6tables configuration</td> </tr> <tr> <td>csf -f</td><td>Flush/Stop firewall rules (Note: lfd may restart csf)</td> </tr> <tr> <td>csf -s</td><td>Start the firewall rules</td> </tr> <tr> <td>csf -r</td><td>Restart firewall rules (csf)</td> </tr> <tr> <td>csf -sf</td><td>Force CLI restart regardless of LFDSTART setting</td> </tr> <tr> <td>csf -ra</td><td>Quick restart (csf restarted by lfd)</td> </tr> <tr> <td>csf -q</td><td>Restart firewall rules (csf) and then restart lfd daemon.</td> </tr> <tr> <td>csf --lfd</td><td>[stop|start|restart|status] Actions to take with the lfd daemon</td> </tr> <tr> <td>csf -a</td><td>Allow an IP and add to /etc/csf/csf.allow Example: <span class="justColor">csf -a 255.255.255.0</span></td> </tr> <tr> <td>csf -ar</td><td>Remove an IP from /etc/csf/csf.allow Example: <span class="justColor">csf -ar 255.255.255.0</span></td> </tr> <tr> <td>csf -d</td><td>Deny an IP and add to /etc/csf/csf.deny Example: <span class="justColor">csf -d 255.255.255.0</span></td> </tr> <tr> <td>csf -dr</td><td> Unblock an IP and remove from /etc/csf/csf.deny Example: <span class="justColor">csf -dr 255.255.255.0</span></td> </tr> <tr> <td>csf -df</td><td>Remove and unblock all entries in /etc/csf/csf.deny</td> </tr> <tr> <td>csf -g</td><td>Search the iptables and ip6tables rules for a match (Port Number or IP)</td> </tr> <tr> <td>csf -t</td><td>Displays the current list of temporary allow and deny IP entries</td> </tr> <tr> <td>csf -tf</td><td>Flush all IPs from the temporary IP entries</td> </tr> <tr> <td>csf -cp</td><td>PING all members in an lfd Cluster</td> </tr> <tr> <td>csf -m</td><td>Display Server Check in HTML or email to [email] if present. Example: <span class="justColor">csf -m [email protected]</span></td> </tr> <tr> <td>csf --rbl</td><td>Process and display RBL Check in HTML or email to [email] if present</td> </tr> <tr> <td>csf -lr</td><td>Initiate Log Scanner report via lfd</td> </tr> <tr> <td>csf -p</td><td>View ports on the server that have a running process behind them listening for external connections</td> </tr> <tr> <td>csf -x</td><td>Disable csf and lfd completely</td> </tr> <tr> <td>csf -e</td><td>Enable csf and lfd if previously disabled</td> </tr> <tr> <td>csf -c</td><td>Check for updates to csf but do not upgrade</td> </tr> <tr> <td>csf -u</td><td>Check for updates to csf and upgrade if available</td> </tr> <tr> <td>csf -uf</td><td>Force an update of csf whether and upgrade is required or not</td> </tr> </table>
comments: 2 / hits: 4251
6 years ago, tue, jan 3, 17, 3:37:12
<!DOCTYPE html> <html lang="en"> <head> <title>Share Buttons</title> <meta name="description" content="Simple CSS javascript social share buttons" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1" /> <style> .buttons a{display:inline-table;margin-right:20px;font-family:'Trebuchet MS',tahoma,verdana;font-weight:800;font-size:15px;text-decoration:none;} .buttons a:hover{opacity:0.8;} .twitterLink{background: #2EACDC;padding:5px 38px;color:#fff;} .googleLink{background: #C3392C;padding:5px 38px;color:#fff;} .facebookLink{background: #46649E;padding:5px 38px;color:#fff;} </style> </head> <body> <div class="buttons"> <a class="twitterLink" href="#" onclick="(function() {if (!window.open('https://twitter.com/intent/tweet?url=' + encodeURIComponent(window.location) + '&text=' + encodeURIComponent(document.title) + '', 'enter', 'left=100,top=120;location=yes,links=no,scrollbars=no,toolbar=no,width=690,height=360')) location.href = 'jump=yes'})();return false;">Twitter</a> <a class="googleLink" href="#" onclick="(function() {if (!window.open('https://plus.google.com/share?url=' + encodeURIComponent(window.location) + '', 'enter', 'left=100,top=120;location=yes,links=no,scrollbars=no,toolbar=no,width=690,height=360')) location.href = 'jump=yes'})();return false;">Google Plus</a> <a class="facebookLink" href="#" onclick="(function() {if (!window.open('https://www.facebook.com/sharer/sharer.php?u=' + encodeURIComponent(window.location) + '', 'enter', 'left=100,top=120;location=yes,links=no,scrollbars=no,toolbar=no,width=690,height=360')) location.href = 'jump=yes'})();return false;">FaceBook</a> </div> </body> </html>
comments: 0 / hits: 2472
5 years ago, sat, jun 10, 17, 3:16:28
###You will need to make sure the following modules are enabled in httpd.conf ###LoadModule filter_module modules/mod_filter.so ###LoadModule deflate_module modules/mod_deflate.so ###LoadModule deflate_module modules/mod_deflate.so <IfModule mod_expires.c> ExpiresActive On ExpiresByType text/css "access 1 year" ExpiresByType text/html "access 1 year" ExpiresByType image/jpg "access 1 year" ExpiresByType image/jpeg "access 1 year" ExpiresByType image/gif "access 1 year" ExpiresByType image/png "access 1 year" ExpiresByType application/pdf "access 1 year" ExpiresByType font/truetype "access plus 1 year" ExpiresByType font/opentype "access plus 1 year" ExpiresByType application/x-font-woff "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType application/vnd.ms-fontobject "access plus 1 year" ExpiresByType text/javascript "access plus 1 year" ExpiresByType text/x-javascript "access plus 1 year" ExpiresByType application/javascript "access plus 1 year" ExpiresByType application/x-javascript "access plus 1 year" ExpiresByType application/x-shockwave-flash "access 1 year" ExpiresByType image/x-icon "access 1 year" ExpiresDefault "access 1 year" </IfModule> ########################################## <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/vnd.ms-fontobject AddOutputFilterByType DEFLATE application/x-font AddOutputFilterByType DEFLATE application/x-font-truetype AddOutputFilterByType DEFLATE application/x-font-ttf AddOutputFilterByType DEFLATE application/x-font-opentype AddOutputFilterByType DEFLATE application/x-font-otf AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE font/otf AddOutputFilterByType DEFLATE font/ttf AddOutputFilterByType DEFLATE font/opentype AddOutputFilterByType DEFLATE image/svg+xml AddOutputFilterByType DEFLATE image/x-icon AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/xml </IfModule>
comments: 0 / hits: 2581
5 years ago, mon, jun 26, 17, 9:21:15
1. Backup /etc/csf/csf.conf 2. Make sure this exist in /etc/csf/csf.conf <blockquote>LF_DAEMON = "1"</blockquote> <blockquote>LF_CSF = "1"</blockquote> <blockquote>SMTP_BLOCK = "1"</blockquote> <blockquote>SMTPAUTH_LOG = "/var/log/exim/reject.log" SMTPRELAY_LOG = "/var/log/exim_mainlog" POP3D_LOG = "/var/log/maillog" IMAPD_LOG = "/var/log/maillog" SCRIPT_LOG = "/var/log/exim_mainlog"</blockquote> <font color="red">If reject.log not exist replace with log file with "Incorrect authentication data" messages</font> 3. Restart LFD <blockquote>csf --lfd restart</blockquote> 4. Restart csf <blockquote>csf -r</blockquote> Output in /etc/csf/csf.deny <blockquote>212.129.11.11 # lfd: (smtpauth) Failed SMTP AUTH login from 212.129.11.11<br />(FR/France/212-129-63-54.example.com): 5 in the last 3600 secs - Mon Jun 26 08:10:47 2017</blockquote>
comments: 0 / hits: 3712
5 years ago, sat, sep 2, 17, 4:26:09
<table> <tr> <td>exim -bpc</td><td>number of emails in queue</td> </tr> <tr> <td>exim -bp</td><td>print a list of messages in queue</td> </tr> <tr> <td>exim -qf</td><td>force deliver all messages in queue</td> </tr> <tr> <td>exim -Mrm <font color="red">mesageid</font></td><td>remove message from the queue</td> </tr> <tr> <td>exim -Mvh <font color="red">mesageid</font></td><td>view message headers</td> </tr> <tr> <td>exim -Mvb <font color="red">mesageid</td><td>view message body</td> </tr> <tr> <td>exim -bp | exiqgrep -i | xargs exim -Mrm</td><td>remove the entire queue</td> </tr> </table>
comments: 1 / hits: 2866
4 years ago, tue, feb 27, 18, 9:25:15
<table> <tr><td>1. Open etc/exim/exim.conf</td></tr> <tr><td>2. Directly after this code line: <blockquote># $Cambridge: exim/exim-src/src/configure.default,v 1.14 2009/10/16 07:46:13 tom Exp $</blockquote> add: <blockquote>keep_environment = X-SOURCE : X-SOURCE-ARGS : X-SOURCE-DIR add_environment = PATH=/usr/local/sbin::/usr/local/bin::/sbin::/bin::/usr/sbin::/usr/bin::/sbin::/bin</blockquote></td></tr> <tr><td>3. Restart Exim: <blockquote>service exim restart</blockquote></td></tr> </table>
comments: 0 / hits: 2066
4 years ago, tue, feb 27, 18, 9:41:12
[[email protected] ~]# iptables -A INPUT -s x.xx.xx.xx -p tcp --dport 25 -j REJECT [[email protected] ~]# service iptables save [[email protected] ~]# service iptables restart
comments: 0 / hits: 2056
4 years ago, wed, feb 28, 18, 11:02:34
1. In etc/exim/exim.conf after this line: <blockquote># $Cambridge: exim/exim-src/src/configure.default,v 1.14 2009/10/16 07:46:13 tom Exp $</blockquote> put this line: <blockquote>system_filter = /etc/exim/filters</blockquote> 2. Create file filters in /etc/exim/ folder with code: <blockquote>if $header_from: contains "example.com" or $header_from: contains "example2.com" then fail endif</blockquote> 3. Restart Exim: <blockquote>service exim restart</blockquote> 4. Log: <blockquote>2018-02-28 10:48:37 1gr3f4-0081uq-O7 <= [email protected] H=g.example.com [xxx.xxx.xx.xx] 2018-02-28 10:48:37 1gr3f4-0081uq-O7 cancelled by system filter</blockquote>
comments: 0 / hits: 1986