How to Install ClamAV on CentOS 7 About ClamAV ClamAV is free open-source antivirus software that is used often and across several platforms. In this tutorial, we are going to teach you how to install ClamAV on CentOS 7. Prerequisites For this tutorial you are going to need: SSH root access to the VPS. Step 1 — Installing ClamAV on CentOS 7 Since Clam does not come with default CentOS software reports, you need to add the additional repository by running yum. yum -y install epel-release yum clean all Now install Clam on CentOS. Simply execute the command below. yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd You have now installed antivirus software on your server. Step 2 — Configuring SELinux SELinux is a security measure whose purpose it is to protect changes to certain files. You will need to perform futher configuration if you would like to use ClamAV with enabled SELinux kernel module. Without this, Clam is not able to read a portion of your files. Simply run the commands below. setsebool -P antivirus_can_scan_system 1 setsebool -P clamd_use_jit 1 To confirm these changes, execute the following command. getsebool -a | grep antivirus You should be receiving the output below or similar. antivirus_can_scan_system --> on antivirus_use_jit --> off Once this output is received, ClamAV is ready to use along with SELinux. Step 3 — Configuring ClamAV Before the Clam Configuration can be enabled, you have to remove the Example string from the configuration file. sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf Now, you will have to specify the server type. Open the configuration file with your favorite editor. In our example, we are going to use nano. If it isn’t currently installed, it must be installed with yum. yum install nano -y Open the configuration file. nano /etc/clamd.d/scan.conf Then, look for the following line. #LocalSocket /var/run/clamd.scan/clamd.sock Replace it with the line below. LocalSocket /var/run/clamd.scan/clamd.sock You may now save the changes by pressing on CTRL + X or COMMAND + X (If you are using a MAC). Before finishing you must delete the Example string from ClamAV’s freshclam update engine configuration file. sed -i -e "s/^Example/#Example/" /etc/freshclam.conf Then, execute the virus definition database update. freshclam You should be receiving the output below or similar. ClamAV update process started at Tue Dec 19 09:30:20 2016 main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) Trying host database.clamav.net (18.104.22.168)... Downloading daily.cvd [100%] daily.cvd updated (version: 22739, sigs: 1100989, f-level: 63, builder: neo) Downloading bytecode-279.cdiff [100%] Downloading bytecode-280.cdiff [100%] Downloading bytecode-281.cdiff [100%] Downloading bytecode-282.cdiff [100%] Downloading bytecode-283.cdiff [100%] bytecode.cld updated (version: 285, sigs: 57, f-level: 63, builder: bbaker) Database updated (5319836 signatures) from database.clamav.net (IP: 22.214.171.124) Finally, start the Clamd service and run it on boot. systemctl start [email protected] systemctl enable [email protected] Conclusion You now have antivirus software on your server, this will help secure it a lot. Feel free to scan your server for malware and viruses. One more thing... Share this tutorial with your hosting administrators and networking experts' friends.
How To Mount A Windows NTFS Disk In Linux The New Technology File System (NTFS) is a proprietary file system created by Microsoft and is used extensively in Microsoft’s Windows operating systems.By default, a lot of Linux distributions will not be able to mount NTFS, though it is possible to install a driver which allows us to do this so that we are able to read and write data to an NTFS disk.In the example below, we will attach the VMDK file from a Windows-based virtual machine to a CentOS 7 Linux virtual machine.Once we run ‘fdisk –I’, we can see that the disk is recognized (after a system reboot), but it is not yet mounted for us to access the data. We should be able to see the primary disk for the Linux system /dev/sda, while /dev/sdb is our 1GB NTFS disk, which has the /dev/sdb1 NTFS partition. [[email protected] ~]# fdisk -l Disk /dev/sda: 21.5 GB, 21474836480 bytes, 41943040 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x0004c930 Device Boot Start End Blocks Id System /dev/sda1 * 2048 616447 307200 83 Linux /dev/sda2 616448 4810751 2097152 82 Linux swap / Solaris /dev/sda3 4810752 41943039 18566144 83 Linux Disk /dev/sdb: 1073 MB, 1073741824 bytes, 2097152 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0xfc757b2a Device Boot Start End Blocks Id System /dev/sdb1 128 2091135 1045504 7 HPFS/NTFS/exFAT By default, once we attempt to mount the NTFS disk, we will receive the error below: [[email protected] ~]# mkdir /windows [[email protected] ~]# mount /dev/sdb1 /windows/ mount: unknown filesystem type 'ntfs' Install Required Packages If you want to perform the mount, you have to install the NTFS-3G package, which is a Linux NTFS userspace driver. This package will arrive from EPEL if you are using CentOS/RHEL, so if you have not yet configured your system to use the EPEL repository, run the command below: [[email protected] ~]# yum install epel-release -y Now we will be able to install the ntfs-3g package from the EPEL repository. [[email protected] ~]# yum install ntfs-3g -y Otherwise, if you are using Ubuntu/Debian, you will be able to simply run ‘apt-get install ntfs-3g’ straight away. In our Debian 8 installation, it was already available, so we were able to mount NTFS without any issues. Mount The NTFS Disk We can now successfully perform the mount without any errors. [[email protected] ~]# mount /dev/sdb1 /windows/ [[email protected] ~]# blkid /dev/sdb1 /dev/sdb1: LABEL="NTFS" UUID="CA4A1FD94A1FC0DD" TYPE="ntfs" We can confirm that the NTFS disk is seen as mounted by the operating system. [[email protected] ~]# df -h /windows/ Filesystem Size Used Avail Use% Mounted on /dev/sdb1 1021M 11M 1011M 2% /windows At this point, you will be able to read and write data to the mounted NTFS disk. Automatically Mount NTFS We may now create an entry in the /etc/fstab file, so that our NTFS disk will automatically mount on system boot. Below, you’ll see an example of the entry that I have placed in my fstab file. This will mount the disk to the /ntfs directory. /dev/sdb1 /windows ntfs-3g defaults 0 0 After this configuration has been added, the NTFS disk should mount automatically on system boot. Before performing a reboot, it is recommended that you first run the ‘mount –a’ command and confirm that the disk mounts without any issues. If any issues occur during boot, you will be left with a system that does not properly boot, so it’s important to test first. Summary We have seen that it is possible to easily mount an NTFS disk in CentOS 7 Linux once the ntfs-3g package, which provides us with the necessary drivers, has been installed.
How to Deploy a Docker Container in Windows Server 2016 Windows Server 2016 includes native support for Docker-based containers. Here is how to Install a Docker for Windows Server2016; Docker Containers Docker and Docker-based containers have been a huge deal in the free and open source software (FOSS) space for a long time now. In a nutshell, Docker containers are virtualized applications which run in their own isolated memory space and also have their own ‘sandboxed’ file system.Docker containers are a big deal because they: Are a lot smaller and more agile than full virtual machines Can be spun up and destroyed in seconds Reduce the attack surface of your applications Install a Docker for Windows Server You can find out how you can get a running start on Installing the Containers server role and deploying Docker containers by using native Docker commands by using those steps. You may find more at the nearly always excellent Microsoft Developer Network (MSDN) documentation.Make sure to keep the following in mind: Those steps are based on a ppre-releasecode of Windows Server 2016. Also, you can manage Docker containers by using native PowerShell commands.Now let’s go ahead and set up a virtual machine which runs Windows Server 2016 Technical Preview 5 (TP5). Installing the Containers Feature and the Docker Engine. Open an administrative PowerShell console and install the new ‘Containers’ feature: Install-WindowsFeature -Name Containers –Restart Now create a folder to house the Docker program files. New-Item -Type Directory -Path 'C:Program FilesDocker' -Force The following two Invoke-WebRequest calls download the Docker engine (daemon in UNIX language) and the Docker client from the Microsoft servers. Invoke-WebRequest -Uri https://aka.ms/tp5/b/dockerd -OutFile $env:ProgramFilesDockerdockerd.exe -UseBasicParsing Invoke-WebRequest -Uri https://aka.ms/tp5/b/docker -OutFile $env:ProgramFilesDockerdocker.exe -UseBasicParsing Add the Docker directory to your system path so that you may call the Docker client from wherever you are in the file system. [Environment]::SetEnvironmentVariable("Path", $env:Path + ";C:Program FilesDocker", [EnvironmentVariableTarget]::Machine) You will need to restart your administrative PowerShell console to put the environment variable change into effect.To finish up the installation, install the Docker daemon as a Windows service by calling on the Docker executable directly. dockerd --register-service Finally, fire up the Docker service. Start-Service -Name Docker -Force Downloading the Base Images In Docker container nomenclature, the ‘image’ is the template from which you spawn new containers. You may download some pre-built Docker images from the Microsoft servers by installing the container image package provider. Install-PackageProvider -Name ContainerImage -Force When this tutorial was written, Microsoft had two container images in their gallery: Nano Server and Server Core.Download them both. Install-ContainerImage -Name WindowsServerCore Install-ContainerImage -Name NanoServer After the image installation process finishes (it might take a little while, depending on your internet connection speed), you will have to restart the docker service. Restart-Service -Name Docker -Force Deploy Your First Docker Container Microsoft engineers have figured out how to run the Windows Server operating system as a container.To get a list of your Nano Server and Server Core images, execute the below command. docker images Now use docker run to deploy a new container named ‘coreserver3’ which uses the Windows Server Core image. The ‘-it’ switch denotes an interactive session, and ‘cmd.exe’ means that you want to enter the container inside a new cmd.exe console. docker run -it --name coreserver3 windowsservercore cmd.exe Specifically, the ‘docker run’ statement translates to ‘Run the cmd.exe command from within a new Server Core-based container named coreserver3’.To switch out of the running container (which sadly runs in the same window as your previously open PowerShell session), use the following keystroke.CTRL+P,QThen you will be able run docker ps to receive a list of running containers, docker attach coreserver3 to re-enter the running container, or docker stop coreserver3 to stop the container.