tav
Basic terminal anti-virus
Features
- Actively monitor filesystem and processes
- Delete blacklisted files automatically
- Monitor processes by regex (no action)
- Blacklist processes globally
- Prohibit processes by user
Install
Examples
# Run with default config: conf/config.yaml
# Override config location (path to yaml file)
# Load and test/debug config file
Config Example
# Filesystem options
fs:
  # List of directories to walk & watch
  watch:
    - /etc
    - /tmp
    - /var/tmp
    - /var/www
  # Blacklist files (simple case insensitive regex)
  blacklist:
    - badfile.*
    - deleteme[0-9]+
    - dontletmelive
# Process options
ps:
  # Watch for processes (no action)
  watch:
    - python
    - sketchy
  # Blacklist processes (partial case insensitive compare)
  blacklist:
    - malwareps
    - killthisproc
  # Blacklist processes for specific users
  prohibit:
    # Don't allow www-data user to run sh or bash processes
    www-data:
      - /bin/sh
      - /bin/bash
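Because blacklisted files are deleted automatically, it helps to dry-run the rules against known names before enabling them. The sketch below is an added example, not tav's own code. It applies the matching rules described in the config comments, assuming that file patterns are searched unanchored against the base name and that prohibit entries use the same partial, case-insensitive compare as the process blacklist. The function names and sample inputs are constructed for illustration.

```python
import re

# Constructed copy of the example config's rules, as plain Python data.
CONFIG = {
    "fs": {"blacklist": ["badfile.*", "deleteme[0-9]+", "dontletmelive"]},
    "ps": {
        "watch": ["python", "sketchy"],
        "blacklist": ["malwareps", "killthisproc"],
        "prohibit": {"www-data": ["/bin/sh", "/bin/bash"]},
    },
}


def file_verdict(path, cfg=CONFIG):
    """Return the first fs.blacklist pattern matching the file name, else None.

    Assumption: patterns are searched unanchored against the base name.
    """
    name = path.rsplit("/", 1)[-1]
    for pattern in cfg["fs"]["blacklist"]:
        if re.search(pattern, name, re.IGNORECASE):
            return pattern
    return None


def process_verdict(user, cmdline, cfg=CONFIG):
    """Classify a process as 'prohibit', 'blacklist', 'watch' or None."""
    cmd = cmdline.lower()
    ps = cfg["ps"]
    # Assumption: prohibit entries use a partial, case-insensitive compare.
    if any(p.lower() in cmd for p in ps["prohibit"].get(user, [])):
        return "prohibit"
    if any(p.lower() in cmd for p in ps["blacklist"]):
        return "blacklist"
    if any(re.search(p, cmdline, re.IGNORECASE) for p in ps["watch"]):
        return "watch"
    return None


if __name__ == "__main__":
    # Constructed sample inputs.
    for path in ["/tmp/BadFile.sh", "/var/www/not_a_badfile_report.txt", "/etc/hosts"]:
        print(path, "->", file_verdict(path))
    for user, cmd in [("www-data", "/bin/sh -c id"), ("root", "/bin/bash"),
                      ("alice", "/usr/bin/python3 app.py")]:
        print(user, cmd, "->", process_verdict(user, cmd))
```

Under these assumptions the pattern badfile.* also matches not_a_badfile_report.txt, which is the kind of overmatch worth catching before a rule is allowed to delete files.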
Usage
Default Options
# tav --help
Run Options
# tav run --help
Config Options
# tav config --help