ESET FILE SECURITY Installation Manual Download | Manualshive

Page: 18 / 32

background image

18

ESET File Security

initialization statement, insert the following line:

/sbin/modprobe dazuko

For BSD OS's the line

/sbin/kldconfig dazuko

must be inserted into the ‘/usr/local/etc/rc.d/esets_daemon.sh’ script.

Warning!

It is extremely important that these steps are executed in the exact order given. If

the kernel module is not located within the kernel modules directory it will not properly load,

resulting in system hang-up.

5.3. On-access scanner using preload LIBC library

In previous sections we described the integration of the On-access scanner powered by

Dazuko with Linux/BSD file system services. In this section we would like to point out that the

technique using Dazuko may not be desired by system administrators who maintain critical

systems where:

The source code and/or configuration files related to the currently running kernel are not

y

available

The kernel is more monolithic than modular

y

The Dazuko module simply does not support the given OS

y

In any of these cases, the On-access scanning technique based on the preload LIBC library

should be used. See section 5.3.1 below for detailed information. Please note that this section is

relevant only for Linux OS users and contains information regarding the operation, installation

and configuration of the On-access scanner using the preload library '

libesets_pac.so'

.

5.3.1. Operation principle

The On-access scanner

libesets_pac.so

(ESETS Preload library based file Access Controller) is a

shared objects library which is activated at system start-up. This library is used for LIBC calls by

file system servers such as FTP server, Samba server etc. Every file system object is scanned based

on customizable file access event types. The following event types are supported by the current

version:

open events

This file access type is activated if the word 'open' is present in the 'event_mask‘ parameter

in the eset.cfg file ([pac] section).

close events

This file access type is activated if the word ‘close‘ is present in the ‘event_mask‘ parameter in

the eset.cfg file ([pac] section). In this case, all file descriptor and FILE stream close functions of

the LIBC are intercepted.

exec events

This file access type is activated if the word ‘exec‘ is present in the ‘event_mask‘ parameter in

the eset.cfg ([pac] section). In this case, all exec functions of the LIBC are intercepted.

«
...
16
17
18
19
20
...
»

Summary of Contents for FILE SECURITY

Page 1: ...ESET File Security Installation Manual and User Guide we protect digital worlds...

Page 2: ...Interface 24 6 5 Remote Administration 24 7 ESET Security system update 25 7 1 ESETS update utility 26 7 2 ESETS update process description 26 7 3 ESETS mirror http daemon 27 8 Let us know 29 Appendi...

Page 3: ...Chapter 1 Introduction...

Page 4: ...run under non privileged user account to enhance security The system supports selective configuration based on the user or client server Multiple logging levels can be configured to get information ab...

Page 5: ...Chapter 2 Terminology and abbreviations...

Page 6: ...ion the primary installation directory is opt eset esets ESETS daemon The main ESETS system control and scanning daemon esets_daemon ESETS base directory The directory where ESETS loadable modules con...

Page 7: ...s directory The SBINDIR value for the following Operating Systems is listed below Linux usr sbin Linux RSR opt eset esets sbin FreeBSD usr local sbin NetBSD usr pkg sbin Solaris opt esets sbin ESETS o...

Page 8: ......

Page 9: ...Chapter 3 Installation...

Page 10: ...ade the product use the following command sh esets i386 ext bin For the Linux RSR variation of the product use the command sh esets rsr i386 rpm bin to display the product s User License Acceptance Ag...

Page 11: ...Chapter 4 Architecture Overview...

Page 12: ...tegrate ESETS with the Linux BSD Solaris Server environment UTILITIES The utility modules provide simple and effective management of the system They are responsible for relevant system tasks such as l...

Page 13: ...le For detailed information on the most effective way to organize this file please refer to the esets cfg 5 and esets_daemon 8 man pages as well as relevant agents man pages ETCDIR certs This director...

Page 14: ......

Page 15: ...Chapter 5 Integration with File System services...

Page 16: ...list of options please see the esets_scan 8 man page 5 2 On access scanner powered by Dazuko The On access scanner is invoked by user s access and or operating system access to file system objects Thi...

Page 17: ...n As mentioned previously the Dazuko kernel module must be compiled and installed within the running kernel before esets_dac can be initialized To compile and install Dazuko please see http www dazuko...

Page 18: ...hould be used See section 5 3 1 below for detailed information Please note that this section is relevant only for Linux OS users and contains information regarding the operation installation and confi...

Page 19: ...g the following line LD_PRELOAD path to libesets_pac so COMMAND COMMAND ARGUMENTS where COMMAND COMMAND ARGUMENTS is the original executable statement Review and edit the global and pac sections of th...

Page 20: ......

Page 21: ...Chapter 6 Important ESET File Security mechanisms...

Page 22: ...has been taken as a result of these three action options the object is accepted Otherwise the object is blocked 6 2 User Specific Configuration The purpose of the User Specific Configuration mechanis...

Page 23: ...m will be processed by the ESET virus laboratory and if necessary added to the ESET virus signature database NOTE ACCORDINGTO OUR LICENSE AGREEMENT BY ENABLING SAMPLE SUBMISSION SYSTEMYOU ARE AGREEING...

Page 24: ...ministrator Manual This manual is located on our web site here http download eset com manuals ESET_ERA_User_Guide_EN pdf The ESETS Remote Administration Client is part of the main ESETS daemon For bas...

Page 25: ...Chapter 7 ESET Security system update...

Page 26: ...TS configuration file The ESETS daemon must be up and running in order to successfully update the virus signature database 7 2 ESETS update process description The update process consists of two stage...

Page 27: ...o yes and the Mirror is enabled Options av_mirror_httpd_port and av_mirror_httpd_addr define the port default 2221 and address default all local tcp addresses where the http server listens The option...

Page 28: ......

Page 29: ...Chapter 8 Let us know...

Page 30: ...ly improve the quality and effectiveness of our documentation If you feel that any sections in this Guide are unclear or incomplete please let us know by contacting Customer Care http www eset com sup...

Page 31: ...Appendix A PHP License...

Page 32: ...ll be given a distinguishing version number Once covered code has been published under a particular version of the license you may always continue to use it under the terms of that version You may als...

Reviews:

No comments

Related manuals for FILE SECURITY

Brand: NEC Pages: 4

Portastudio iPad Application

Brand: Tascam Pages: 5

SENTINEL 6.1.1.0 - README

Brand: Novell Pages: 13

RAPTOR 2100 FPS - RAPTOR DRIVERS FOR HP-UX INSTALLATION AND

Brand: Tech Source Pages: 36

Hosted Provider Edition (HPE) 8.1

Brand: Genesys Pages: 5

Brand: AMX Pages: 50

AUTODESK ROBOT STRUCTURAL ANALYSIS PROFESSIONAL

Brand: Autodesk Pages: 6

Brand: Octel Pages: 64

LANDXPLORER 2011 - SYSTEM REQUIREMENTS

Brand: Autodesk Pages: 3

User Access Control (UAC) in Windows® Vista

Brand: Alarm Lock Pages: 2

Brand: GE Pages: 82

Brand: Pioneer Pages: 28

Brand: Pioneer Pages: 28

Brand: Emagic Pages: 256

Brand: 10ZiG Technology Limited Pages: 125

TI InterActive!

Brand: Texas Instruments Pages: 63

Active Management Technology v5.0

Brand: Intel Pages: 143

ENTERPRISE LINUX 4.5.0 -

Brand: Red Hat Pages: 434

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands