kuju63 · February 26, 2017 15:06
diff --git a/Linuxサーバ構築手順（基本）まとめ.txt b/Linuxサーバ構築手順（基本）まとめ.txt

 ## EPELリポジトリの追加
 sudo yum -y install epel-release

 ## アクセス可能ホストの設定
 sudo cp /etc/hosts.allow /etc/hosts.allow_日付
 sudo vi /etc/hosts.allow
 ## 以下を追加
 sshd: 192.168.1.

 sudo cp /etc/hosts.deny /etc/hosts.deny_日付
 sudo vi /etc/hosts.deny
 ## 以下を追加
 ALL: ALL

 # SSHサーバの設定変更
 sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_日付
 sudo vi /etc/ssh/sshd_config

 ## 以下を修正
 # Port 22 → Port 22 #適宜ポート番号を変更
 # Protocol 2 → Protocol 2
 # PermitRootLogin no → PermitRootLogin no
 # MaxAuthTries 6 → MaxAuthTries 3
 # MaxSessions 10 → MaxSessions 4
 # PermitEmptyPasswords no → PermitEmptyPasswords no

 sudo systemctl restart sshd

 # セキュリティ向上のため、cronでyumを実行
 sudo yum install -y yum-cron
 sudo systemctl start yum-cron

 ## clamavのインストール
 sudo yum install --enablerepo=epel clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
 cd /etc/clamd.d/
 sudo cp scan.conf scan.conf_日付
 sudo vi scan.conf

 Example →　#Example
 #LogFile /var/log/clamd.scan →  LogFile /var/log/clamd.scan
 #LogFileMaxSize 2M → LogFileMaxSize 2M
 #LogTime yes → #LogTime yes
 #OfficialDatabaseOnly no → OfficialDatabaseOnly yes
 #ExcludePath ^/proc/ → #ExcludePath ^/proc/
 #ExcludePath ^/sys/ → #ExcludePath ^/sys/
 User clamscan → User root
 #LocalSocket /var/run/clamd.scan/clamd.sock → LocalSocket /var/run/clamd.scan/clamd.sock


 sudo systemctl start clamd@scan
 sudo systemctl enable clamd@scan

 sudo cp -p /etc/freshclam.conf /etc/freshclam.conf_20170218
 sudo vi /etc/freshclam.conf

 Example  #Example
 #UpdateLogFile /var/log/freshclam.log  UpdateLogFile /var/log/freshclam.log
 #LogFileMaxSize 2M  LogFileMaxSize 2M
 #LogTime yes  LogTime yes
 #LogRotate yes  LogRotate yes
 #DatabaseMirror db.XY.clamav.net  #DatabaseMirror db.jp.clamav.net
 #NotifyClamd /path/to/clamd.conf  #NotifyClamd /etc/clamd.d/scan.conf


 sudo freshclam -u root

 sudo ln -s /etc/clamd.d/scan.conf /etc/clamd.conf

	## EPELリポジトリの追加
	sudo yum -y install epel-release

	## アクセス可能ホストの設定
	sudo cp /etc/hosts.allow /etc/hosts.allow_日付
	sudo vi /etc/hosts.allow
	## 以下を追加
	sshd: 192.168.1.

	sudo cp /etc/hosts.deny /etc/hosts.deny_日付
	sudo vi /etc/hosts.deny
	## 以下を追加
	ALL: ALL

	# SSHサーバの設定変更
	sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_日付
	sudo vi /etc/ssh/sshd_config

	## 以下を修正
	# Port 22 → Port 22 #適宜ポート番号を変更
	# Protocol 2 → Protocol 2
	# PermitRootLogin no → PermitRootLogin no
	# MaxAuthTries 6 → MaxAuthTries 3
	# MaxSessions 10 → MaxSessions 4
	# PermitEmptyPasswords no → PermitEmptyPasswords no

	sudo systemctl restart sshd

	# セキュリティ向上のため、cronでyumを実行
	sudo yum install -y yum-cron
	sudo systemctl start yum-cron

	## clamavのインストール
	sudo yum install --enablerepo=epel clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
	cd /etc/clamd.d/
	sudo cp scan.conf scan.conf_日付
	sudo vi scan.conf

	Example →　#Example
	#LogFile /var/log/clamd.scan → LogFile /var/log/clamd.scan
	#LogFileMaxSize 2M → LogFileMaxSize 2M
	#LogTime yes → #LogTime yes
	#OfficialDatabaseOnly no → OfficialDatabaseOnly yes
	#ExcludePath ^/proc/ → #ExcludePath ^/proc/
	#ExcludePath ^/sys/ → #ExcludePath ^/sys/
	User clamscan → User root
	#LocalSocket /var/run/clamd.scan/clamd.sock → LocalSocket /var/run/clamd.scan/clamd.sock


	sudo systemctl start clamd@scan
	sudo systemctl enable clamd@scan

	sudo cp -p /etc/freshclam.conf /etc/freshclam.conf_20170218
	sudo vi /etc/freshclam.conf

	Example #Example
	#UpdateLogFile /var/log/freshclam.log UpdateLogFile /var/log/freshclam.log
	#LogFileMaxSize 2M LogFileMaxSize 2M
	#LogTime yes LogTime yes
	#LogRotate yes LogRotate yes
	#DatabaseMirror db.XY.clamav.net #DatabaseMirror db.jp.clamav.net
	#NotifyClamd /path/to/clamd.conf #NotifyClamd /etc/clamd.d/scan.conf


	sudo freshclam -u root

	sudo ln -s /etc/clamd.d/scan.conf /etc/clamd.conf