Basic terminal anti-virus
- Actively monitor filesystem and processes
- Delete blacklisted files automatically
- Monitor processes by regex (no action)
- Blacklist processes globally
- Prohibit processes by user
cargo install tav# Run with default config: conf/config.yaml
tav run
# Override config location (path to yaml file)
tav run --config ./config.yaml
# Load and test/debug config file
tav config --config ./config.yaml# Filesystem options
fs:
# List of directories to walk & watch
watch:
- /etc
- /tmp
- /var/tmp
- /var/www
# Blacklist files (simple case insensitive regex)
blacklist:
- badfile.*
- deleteme[0-9]+
- dontletmelive
# Process options
ps:
# Watch for processes (no action)
watch:
- python
- sketchy
# Blacklist processes (partial case insensitive compare)
blacklist:
- malwareps
- killthisproc
# Blacklist processes for specific users
prohibit:
# Don't allow www-data user to run sh or bash processes
www-data:
- /bin/sh
- /bin/bashDefault Options
# tav --help
A basic terminal anti-virus
Usage: tav [OPTIONS] [COMMAND]
Commands:
run Run active scanner and watcher
config Config test
help Print this message or the help of the given subcommand(s)
Options:
-B, --no-banner Don't show the banner
-v, --verbose Show additional info logs
-h, --help Print help
-V, --version Print versionRun Options
# tav run --help
Run active scanner and watcher
Usage: tav run [OPTIONS]
Options:
-c, --config <FILE> Path to config file (yaml) [default: conf/config.yaml]
-h, --help Print helpConfig Options
# tav config --help
Config test
Usage: tav config [OPTIONS]
Options:
-c, --config <FILE> Path to config file (yaml) [default: conf/config.yaml]
-h, --help Print help