echochio

1. 安裝 linux Centos 6.8 x32 .....(我裝 x64 設不起來 ...改天再研究 ... CentOS 7 改天再試)

2.安裝 compile 工具 gcc , g++ 等等開發工具

3. 

趨勢下載區 : http://downloadcenter.trendmicro.com/
掃描引擎(X32的) engv_linux_xxx-xxxx.zip 
解開為 libvsapi.so 
放於 /etc/iscan 下面

病毒檔 Enterprise Pattern - Unix 
ptnXXX.tar 檔 解開為 lpt$vpn.XXX
放於 /etc/iscan 下面

4. 下載 havp ...我是用 havp-0.92a ....解壓縮切換到 havp-0.92a

 ./configure --disable-clamav

make
make install

groupadd havp
useradd -g havp havp

修改 /usr/local/etc/havp/havp.config 

### 理論上越多的執行緒效能效能越好, 但仍需視伺服器資源而定  看需求
# Default:
# SERVERNUMBER 8
# MAXSERVERS 100

### 只記錄 error log. 較少的 Log 記錄可減輕伺服器負擔  看需求
LOGLEVEL 0

### 不對圖片檔掃毒, 可減輕 CPU 負擔 看需求
SCANIMAGES false

#####
##### Trend Micro Library Scanner (Trophie)
#####

ENABLETROPHIE true

----------------------------------------------------------------

修改 rc.local

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
# size= 512m RAM disk ...這樣掃描才會快 

mount -t tmpfs -o size=512m tmpfs /mnt/ramdisk 
ln -s /mnt/ramdisk /var/tmp/havp
mount -o mand /mnt/ramdisk
chown havp /var/tmp/havp /var/log/havp /var/run/havp
chmod 700 /var/tmp/havp /var/log/havp /var/run/havp

/etc/init.d/havp start

touch /var/lock/subsys/local

--------------------------------------------------

執行  rc.local

看服務是否有

/usr/local/sbin/havp -c /usr/local/etc/havp/havp.config

netstat -na |grep 8080

tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN

--------------------------------------------------

linux 防火牆要開 8080 服務

--------------------------------------------------

這樣將 web 導向這台 linux port 8080 就可
 

可觀看 log 

tail -f 

/var/log/havp/access.log

有病毒時會在 /var/log/havp/error.log

如 :

12/10/2016 08:33:39 === Starting HAVP Version: 0.92
12/10/2016 08:33:39 Running as user: havp, group: havp
12/10/2016 08:33:39 --- Initializing Trend Micro Library Scanner
12/10/2016 08:33:40 Trophie: Loaded 718104 signatures (pattern 12.651.00 / engine 9.850-1008)
12/10/2016 08:33:40 Trend Micro Library Scanner passed EICAR virus test (Eicar_test_file)
12/10/2016 08:33:40 --- All scanners initialized
12/10/2016 08:33:40 Process ID: 1749
 

-------------------------