manualshive.com logo in svg

KAPERSKY ANTI-VIRUS 5.6 - FOR NOVELL NETWARE, Administrator'S Manual, Page: 103 / 130

Share
Download
KAPERSKY ANTI-VIRUS 5.6 - FOR NOVELL NETWARE Administrator'S Manual Download Page 103

Appendix B 

103

 

 

 

Packed executables contain a special unpacking program. When such 
a file is launched, the main program is first unpacked in the RAM and 
then executed. 
Infected files can be packed in the same way as uninfected ones. 
Regular scans will recognize such infected files as clean, since the virus 
body is packed with the program code. 

With the executable module Extracting Engine enabled the anti-virus program 
will unpack files created with different versions of the most popular packing 
utilities, including DIET, PKLITE, LZEXE, EXEPACK etc., into the temporary file 
area and then rescan them using the main module. After scanning, the 
temporary files are deleted. 

 

Temporary files are stored in a special working directory. You can 
manually specify the path to this directory (see section A.2 on page 75). 

If a known virus is detected in the packed file, it can be removed (if disinfection is 
set as an action to be applied to infected files – see section B.2.2 on page 103). 
The initial file will be replaced with its unpacked and disinfected copy. With the 
extracting engine disabled, executable modules will be scanned as unpacked 
and a virus can only be detected if it has infected the packed file itself. 

The extracting engine works correctly with iteratively packed files. In addition, it 
works with some versions of file immunizers – the programs that protect 
executable files from infecting by adding checksums (CPAV and F-XLOCK), as 
well as with some versions of encryption software (CryptCOM).  

If both archive and executable file extracting engines are enabled, then 
Kaspersky Anti-Virus will detect an infected file even if it is, for example, 
encrypted with CryptCOM, then packed with PKLITE and finally archived using 
PKZIP. 

B.2.2. The 

Actions

 Tab 

On the 

Actions 

tab (see Figure 61) the user can specify the actions to be taken 

by the program to any infected or suspicious files if they are detected, as well as 
the actions to be applied to a workstation that attempts to upload an infected 
object to the server. 

In addition, you can allow/prohibit renaming or deleting of archives during the 
scanning procedure. To do so, enable or disable the 

Allow deleting or 

renaming archives

 checkbox. 

 

Summary of Contents for ANTI-VIRUS 5.6 - FOR NOVELL NETWARE

Page 1: ...KASPERSKY LAB Kaspersky Anti Virus 5 6 for Novell NetWare ADMINISTRATOR S GUIDE...

Page 2: ...K A S P E R S K Y A N T I V I R U S 5 6 F O R N O V E L L N E T W A R E Administrator s Guide Kaspersky Lab http www kaspersky com Revision date June 2005...

Page 3: ...G AND UNINSTALLING THE APPLICATION 13 3 1 Installation from the distribution package 13 3 2 Deploying the application across the network 17 3 3 Uninstalling the application 19 3 4 Updating the applica...

Page 4: ...cation regarding detected viruses 68 CHAPTER 8 LICENSE MANAGEMENT 69 8 1 Licensing policy 69 8 2 Installing the license key 72 APPENDIX A APPLICATION SETTINGS 74 A 1 The General Tab 74 A 2 The Folders...

Page 5: ...Files 109 B 2 3 3 Warnings 110 B 2 3 4 Messages Regarding Packed Executable Files 110 B 2 3 5 Messages Regarding Archive Files 110 B 2 3 6 Messages Regarding Uninfected Files 110 B 2 4 The NW Notific...

Page 6: ...all the files being modified thus making it possible to revert to the latest update if necessary Quarantine moves infected or suspicious files to a special storage location called quarantine Quarantin...

Page 7: ...e requirements Software requirements A server with installed Novell NetWare ver 5 x or 6 0 6 5 Installed Apache Web server and a Tomcat servlet container for installing and using the web management in...

Page 8: ...he license key can also be sent to you by e mail after receiving your payment The License Agreement LA is a legal agreement between you and the manufacturer Kaspersky Lab Ltd describing the terms on w...

Page 9: ...various conventions to emphasize different meaningful parts of the documentation The table below lists the conventions used in this Guide Convention Meaning Bold font Menu titles commands window title...

Page 10: ...strator workbench However if in the event that several administrators are working jointly the management modules can be installed on each of their computers If none of the modules is installed the ant...

Page 11: ...itecture of Kaspersky Anti Virus 5 6 for Novell NetWare obtaining access to its anti virus functionality requires starting its server part Kaspersky Anti Virus or Anti virus database updating module t...

Page 12: ...ith methods of cleaning objects infected by them Kaspersky Lab adds descriptions of new viruses to the anti virus database daily and places the updates on the Internet for downloading It is recommende...

Page 13: ...rections Most of the settings required for installation will be made by default or will be based on the choice you make Please read carefully the text in each window of the wizard Make any desired cha...

Page 14: ...ll 3 If you choose to install the server side application Kaspersky Anti Virus you will be asked to specify servers for the installation Figure 2 Select the required servers from the list of those cur...

Page 15: ...irectory for the Snapin for ConsoleOne you must specify the installation directory of Novell ConsoleOne on the computer from which the application control utility will be started By default this field...

Page 16: ...validity of the license agreement and its deadline see Figure 4 The license key is your personal key which stores the information required for full featured operation of the application and some refer...

Page 17: ...lled on the server Enable the necessary checkboxes The AUTOEXEC NCF is modified automatically and does not require additional settings to be made Figure 5 The final window of the setup wizard 3 2 Depl...

Page 18: ...Kaspersky Anti Virus option If this option is unavailable in the shortcut menu Kaspersky Anti Virus is already installed on all the servers of this node During installation the program will ask you t...

Page 19: ...ns removing the application s server part from the file servers and removing its client part from the computers on which it was installed see section 3 1 on page 13 The application s server part can b...

Page 20: ...1 Install one of the management modules either for ConsoleOne or the web module 2 In the Kaspersky Anti Virus 5 namespace select a server on which you want to upgrade the application version 3 Open th...

Page 21: ...http Server IP address port iKAV where Server IP address is the address of the server on which the Web management module is installed port is the port on the server on which the module is installed de...

Page 22: ...of elements of the object selected in the tree After installing the Snapin for Novell ConsoleOne a Kaspersky Anti Virus 5 name space is created in the console tree It is marked by the icon Figure 7 N...

Page 23: ...rolling the application The list of objects and their respective shortcut menu commands are shown in the table below Object Command Function Load Unload Kaspersky Anti Virus Starts Stops Kaspersky Ant...

Page 24: ...first time As a result of the installation two tasks are created on the server a real time protection task named Real Time Protection and an on demand scan task named On Demand Scan The Real Time Pro...

Page 25: ...code analyzer Upon detection of an infected object the application attempts to disinfect it If disinfection is impossible it outputs an appropriate message to the report If a suspicious object is dete...

Page 26: ...time The number of concurrently executed file scan requests depends upon the number of simultaneously running copies of the antiviral engine By default there are two copies running at the same time T...

Page 27: ...rsky Anti Virus module is started Figure 9 Server screen during execution of the real time protection task Similar information is represented in the results pane when the user selects the server runni...

Page 28: ...virus database updating module on the server select the required server in the Kaspersky Anti Virus 5 name space in the console tree Select the Anti Virus Database Updates task type Call the shortcut...

Page 29: ...pplication is set up from a workstation or a server on which the Snapin for Novell ConsoleOne or the Web management module is installed Individual windows are used for each server This operation can b...

Page 30: ...irus database update server allowable server s resources usage for the Kaspersky Anti Virus module and the number of file scan requests simultaneously processed by the server the number of concurrentl...

Page 31: ...e updates are distributed to the servers included in the mailing list and saved in the directories for storing the used anti virus database Backup copies of all the updated objects are created Prior t...

Page 32: ...nt it in the list of created tasks of this type If necessary enter the name manually It must be unique within this server Task type the type of task The set value is Anti Virus Database Updates and it...

Page 33: ...s database updating task as the tasks view mode 4 Click on the Create button located in the group of buttons on the right 5 Make the desired settings as described above in the dialog window Create Tas...

Page 34: ...properties window Anti virus database updating Server name Task name see Figure 12 Please familiarize yourself with the information provided on the tabs and change or add to it if necessary Figure 12...

Page 35: ...all the anti virus databases available from the source or only the new and changed ones If you have selected an Internet server as a source of the updates and plan to use a proxy server to connect to...

Page 36: ...Kaspersky Anti Virus 5 6 on Server name window The Task tab 3 Select Anti virus database updating task as the tasks view mode 4 In the task list select the task you wish to set up Click Edit in the gr...

Page 37: ...edule as the tasks view mode Click on the Add button at the right side of the schedule 8 In the Create new schedule for the task dialog box see Figure 15 select the task you want to schedule and speci...

Page 38: ...batch setting of update tasks do the following 1 In the Kaspersky Anti Virus 5 name space in the console tree select the server whose tasks you wish to set up Open the shortcut menu and select the Pro...

Page 39: ...16 Selecting a group of tasks to set up 5 In Select task template window that will open see Figure 17 select the task to use as a basis from the list of tasks you have included in the batch Click OK...

Page 40: ...ng and their values can be set the same for the whole batch of tasks Make the desired changes and click on Apply or OK to save the settings As a result the settings you have made will be saved for the...

Page 41: ...ase updating module is running on the server The tasks are completed automatically after the updates are sent to the specified servers or after executing the preset number of attempts to reconnect to...

Page 42: ...Virus Database Updates 3 Open the shortcut menu and select the Delete all tasks item A task can also be deleted using the application setup window Kaspersky Anti Virus 5 6 on Server name To delete an...

Page 43: ...y Therefore it is not recommended to enable archive unpacking mechanism for this type of task During scanning on demand the program scans the directory tree of the selected volumes on the server and v...

Page 44: ...necessary enter the name manually It must be unique within this server Task type the type of the task The set value is Real Time Protection On Demand Scan It is detected automatically based on your s...

Page 45: ...spersky Anti Virus 5 6 on Server name select the Task tab 3 Select the mode for reviewing the Real Time Protection and On demand Scan tasks On demand scan and real time protection tasks 4 Click on the...

Page 46: ...arameters are set automatically or depending on the values stored in the template task Please familiarize yourself with the information provided on the tabs and change or add to it if necessary You ca...

Page 47: ...Use the E mail notification tab to configure settings for sending notifications using your mail system for more details see section B 2 5 on page 113 Schedule unattended starts of the task and specify...

Page 48: ...ification and E mail notification These tabs are exactly the same as those in the task setup window On Demand Scan Server name Task name Real Time Protection Server name Task name Make all the desired...

Page 49: ...Scanning the server for viruses 49 Figure 21 The Scan options tab of the Change task settings window Figure 22 The Create new schedule for the task window Scheduling the task to run every week...

Page 50: ...es item 2 In the next window Kaspersky Anti Virus 5 6 on Server name select the Task tab see Figure 13 3 Select the mode for reviewing the Real Time Protection and On demand Scan tasks On demand scan...

Page 51: ...fields on the tabs become available for editing and their values can be set the same for this batch of tasks Make the desired changes and click on Apply or OK to save the settings Figure 24 The Change...

Page 52: ...tem If the Start task item is not available make sure that the application is running on the server Several on demand Scan tasks with different settings can be running simultaneously with one Real Tim...

Page 53: ...o delete a batch of tasks To delete all the tasks of the same type do the following 1 In the Kaspersky Anti Virus 5 name space in the console tree select the server you wish to delete the tasks for 2...

Page 54: ...me protection tasks see Figure 13 4 In the task list select the task you wish to delete Click Delete in the group of buttons on the left Click OK in the next window to confirm deletion As a result the...

Page 55: ...rectory is deleted or moved the functions of filtering sorting searching or merging the log data become unavailable To view any journals use the Microsoft Internet Explorer 6 0 Viewing the xml format...

Page 56: ...g task results log will be displayed in the Microsoft Internet Explorer window The view of the results log is displayed in the format defined by the task settings see section B 1 3 on page 90 If you a...

Page 57: ...te and time are displayed in the header of the right pane Below is the group of checkboxes used to set up the filter and a set of buttons that can be used for Refreshing the table contents and applyin...

Page 58: ...formation the program offers the opportunity to set up user filters The filters allow searching and discarding of currently unnecessary information when it complicates viewing After the filter is appl...

Page 59: ...s will open the task settings window see Figure 26 which displays the following information To a list of servers on which anti virus database must be updated as a result of executing the task Backup b...

Page 60: ...select the server on which the desired task was executed 2 Expand the task types list and select On Demand Scan Real Time Protection Open the list of the respective tasks and select the one for which...

Page 61: ...e web management interface the task results log can be accessed from the shortcut menu for the target task Select the task open the shortcut menu for this task and click the View log option The text f...

Page 62: ...left pane The session date and time are displayed in the header of the right pane Below is the group of checkboxes used to set up the filter and a set of buttons that can be used for Refreshing the ta...

Page 63: ...ble The records in the table can be arranged by the contents of one of the columns To the left of the name of the column by which the records are sorted there is a symbol showing whether they are arra...

Page 64: ...ion on the results of the last task execution either real time protection or on demand scanning task A click on this hyperlink will open the window see Figure 29 with the following information Scanned...

Page 65: ...for the server updating and scanning tasks In order to create a composite log with the results of several server updating scanning tasks do the following 1 In the Kaspersky Anti Virus 5 name space in...

Page 66: ...0 and Figure 31 that will open set up the parameters of the composite log Specify the amount of information you need by means of checking the desired box in the Period field group You can select all t...

Page 67: ...soft Internet Explorer application The composite log of the tasks execution will be opened in the Explorer window The left pane of the log contains the task type and the list of selected tasks launch...

Page 68: ...e contained and preventing its further spread The information can be sent via the Novell NetWare network or by e mail The user notification procedure information sending method and the text of the mes...

Page 69: ...uct produced by Kaspersky Lab The application may have only one valid license key It contains the limitations set for the operation of Kaspersky Anti Virus These limitations can be checked by special...

Page 70: ...the Kaspersky Anti Virus 5 name space in the console tree open the shortcut menu and select the Properties item The license expiration date is shown in the License expiration date field on the General...

Page 71: ...our Kaspersky Anti Virus license To renew your license you must purchase and install a new license key for Kaspersky Anti Virus Personal To obtain a new key Contact the vendor from whom you purchased...

Page 72: ...sing the web management module 1 In the Kaspersky Anti Virus 5 namespace select a server for which you want to renew the license Open the shortcut menu and click the Register license key option 2 This...

Page 73: ...all key 4 If the key is selected correctly its file will be added to the list of Kaspersky Anti Virus keys Select it in the list and click on Apply Figure 35 Selecting the key file After this the lice...

Page 74: ...eral tab see Figure 36 you can review general information about the Kaspersky Anti Virus module start stop the application on the server and renew the license register a new license key Figure 36 Conf...

Page 75: ...dule on the server In the web module the Load Kaspersky Anti Virus Unload Kaspersky Anti Virus buttons are available as shortcut menu options To open the shortcut menu select a server in the tree and...

Page 76: ...ctory for storing temporary files created during server scanning This directory is used as a temporary storage location for unpacking the packed files and archives The Anti virus database updates fold...

Page 77: ...ue is 8196 The CPU usage scale specifies how much of the server CPU resources can be consumed by the Kaspersky Anti Virus module Use your mouse to move the slider and specify the desired level in the...

Page 78: ...displays a table with the complete schedule of unattended startup for all the tasks created for the server The table contains the following columns Task name the name of the task to be started Frequen...

Page 79: ...the task from the schedule The tasks in the schedule are viewed by their types You can select one of the following two variants On demand scan and real time protection task schedule review the schedu...

Page 80: ...pane of the window Figure 40 Scheduling the task to run monthly 4 In the Task launch group select one of the following start modes from the drop down list At the Kaspersky Anti Virus start run when t...

Page 81: ...Make the desired changes and click OK Figure 41 Changing the task start parameters A 5 The Task Tab The Task tab see Figure 42 displays a full list of the tasks created for the server The tasks in th...

Page 82: ...roup includes the following buttons Create Delete Edit change task parameters View log This button is unavailable in the web module To view the log for a target task click the task name in the console...

Page 83: ...TP port field enter the decimal number of the SMTP server communication port The default value is 25 In the Sender field enter the notification message sender data It is advised that you use an electr...

Page 84: ...he server s rights to access file systems of the servers included in the mailing list Figure 44 Setting up the anti virus database updating task The Recipients tab In the Snapin for ConsoleOne module...

Page 85: ...he time of the previous update of the server s anti virus database Rights for server shows whether the server running the update task has the rights to access this server s file system yes no Current...

Page 86: ...virus database updating module sends the updates select it in the table and click on the Delete button B 1 2 The Updating source Tab The Updating source tab see Figure 46 is used for selecting the me...

Page 87: ...rsky Lab for downloading anti virus database updates The list can modified using the buttons on the right Add add a new address to the list In the dialog window titled New update address select the ty...

Page 88: ...tes update sources The primary update folder is the one placed first in the list Other folders will be tried one after another in the event the primary update folder is unavailable The folders are tri...

Page 89: ...stored the update source After specifying the directory click OK Delete remove the selected address Edit edit the selected address The address is edited in the same way it is added Up move the select...

Page 90: ...file name in which to save the log A separate log file is created for each task In the Log file type group select the format of the log file XML two formats xml and htm The htm type log can be viewed...

Page 91: ...in years months days hours minutes and seconds The list of servers on which anti virus database must be updated as a result of running the task The backup mode set for the anti virus database prior t...

Page 92: ...on regarding the deleted files The user can limit the log file size by setting its maximum allowable size After reaching this size the log file will be overwritten To do this 1 In the Limit group chec...

Page 93: ...onnection via a proxy server do the following 1 Check the Use proxy box in the upper part of the Proxy tab 2 In the field group below the check box specify the parameters of connection to the proxy se...

Page 94: ...of reconnection with the update source in the event of disconnection In the left part of the tab there is a table containing all the scheduled runs of the task It consists of two columns and includes...

Page 95: ...he group of fields corresponding to the selected mode If you have selected daily start you should set the task start up time in the Task start time field see Figure 54 enter the hour value in the firs...

Page 96: ...or Novell NetWare necessary After that you must specify the start up time in the Task start time field group see above Figure 54 Scheduling the update task to start every day Figure 55 Scheduling the...

Page 97: ...f reconnection with the update source In the Attempts field enter the number of reconnection attempts In the every field enter the time interval between the attempts to reconnect 5 After completing cl...

Page 98: ...task is complete checkbox 2 Use the Recipients of the notification field to create a list of e mail addresses where the notifications will be sent Click the Add button to open the Select Recipients d...

Page 99: ...us scanning parameters including the locations and file types to be scanned the locations to be excluded from scanning Additional scanning modes can also be activated namely mail bank scanning archive...

Page 100: ...llowing In the Folders excluded from scanning field specify the list of directories that will not be scanned for viruses The list is created in the same way as the Scan folders list By default the lis...

Page 101: ...2 1 3 on page 102 5 If you wish to scan the mail repository check the Mail databases box 6 If you wish to scan mail format files check the Plain mail files box You can enable the heuristic file check...

Page 102: ...tance since a virus can be stored in an archive as long as several months or even years bringing no harm but can then spread very quickly causing a lot of trouble The most dangerous in this sense are...

Page 103: ...ll be replaced with its unpacked and disinfected copy With the extracting engine disabled executable modules will be scanned as unpacked and a virus can only be detected if it has infected the packed...

Page 104: ...ot apply any actions Disinfect disinfect the file if possible Delete delete the file Move to the quarantine move the file to the quarantine directory Rename change the file extension to vir or vi1 vi2...

Page 105: ...lete delete the file Move to the quarantine move the object to the quarantine directory Rename change the file extension to vir or vi1 vi2 etc if a file with the same name exists 2 If you have selecte...

Page 106: ...ion results including the log file type its location and size the list of events to be logged as well as the file name in which to save the log A separate log file is created for each task Figure 62 S...

Page 107: ...formation regarding uninfected files In addition records about the task start and completion are automatically logged Below is the detailed structure of various messages You can limit the scanning res...

Page 108: ...ring can take the following values disinfected the virus is removed deleted the file is deleted removed the file is quarantined renamed the file extension is changed to vir or vi1 vi2 etc if a file wi...

Page 109: ...to be a Trojan horse Trivial the file appears to be infected with an unidentified virus capable of replacing executable files in the current directory the size of this virus is usually less than 300...

Page 110: ...Archive Files When an archive is unpacked by the anti virus program a record will be added to the event log with information about the archiver used to create the file The format of the record is as f...

Page 111: ...Appendix B 111 Figure 63 Setting up the on demand scan task The NW Notification tab Figure 64 The message received by the user when a virus is detected on the server...

Page 112: ...Select the desired user from the list of those registered in the network and click OK If you want to remove a user from the list of those who receives the notifications select him or her in the Recip...

Page 113: ...e E mail notification tab In order to organize delivery of notifications via the mail server do the following 1 Check the Notify when the task is complete box to enable delivery of corresponding notif...

Page 114: ...tion list 3 In the E mail notification field create the notification text manually You can use the macros described above Figure 67 Adding e mail addresses B 2 6 The Schedule Tab The Schedule tab see...

Page 115: ...ons to the right of the table are used to work with the schedule They include the following buttons Add add a task to the schedule Edit change the task launching parameters Delete delete the task from...

Page 116: ...f you have selected daily start you should specify the task start up time in the Task start time field see Figure 70 Enter the hour value in the first field and the minute value in the second field Th...

Page 117: ...ee above 4 In the Task duration group specify the time after which the task must be terminated To do so select the desired option from the drop down list Not defined the task execution time is unlimit...

Page 118: ...118 Kaspersky Anti Virus for Novell NetWare Figure 72 Setting up monthly server scanning...

Page 119: ...urrent and even future threats Resistance to future attacks is the basic policy implemented in all Kaspersky Lab s products At all times the company s products remain at least one step ahead of many o...

Page 120: ...reases the speed of the program s operation The application creates a reliable barrier to viruses when they attempt to intrude your computer via e mail Kaspersky Anti Virus Personal performs automatic...

Page 121: ...zed access and external hacker attacks from either the Internet or the local network Kaspersky Anti Hacker monitors the TCP IP network activity of all applications running on your machine When it dete...

Page 122: ...configurable security solution for small and medium sized corporate networks Kaspersky Anti Virus Business Optimal includes full scale anti virus protection3 for Workstations running Windows 98 ME Win...

Page 123: ...Kaspersky Corporate Suite distribution kit includes Kaspersky Administration Kit a unique tool for automated deployment and administration You are free to choose from any of these anti virus applicati...

Page 124: ...ter including the Subject and attached files as well as unique linguistic and heuristic algorithms The application s high performance is enhanced by daily updates to the content filtration database by...

Page 125: ...NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT DO NOT BREAK THE CD s SLEEVE DOWNLOAD INSTALL OR USE THIS SOFTWARE IN ACCORDANCE WITH THE LEGISLATION REGARDING KASPERSKY SOFTWARE INTENDED FOR INDIVIDU...

Page 126: ...1 1 The Software is in use on a Client Device when it is loaded into the temporary memory i e random access memory or RAM or installed into the permanent memory e g hard disk CD ROM or other storage...

Page 127: ...obtained then you must have a reasonable mechanism in place to ensure that your use of the Software does not exceed the use limits specified for the license you have obtained This license authorizes...

Page 128: ...onsent to the transfer of data to other countries outside your own as set out in the Privacy Policy iv Support Services means a Daily updates of the anti virus database b Free software updates includi...

Page 129: ...The warranty in i shall not apply if you a make or cause to be made any modifications to this Software without the consent of Kaspersky Lab b use the Software in a manner for which it was not intende...

Page 130: ...s all and any prior understandings undertakings and promises between you and Kaspersky Lab whether oral or in writing which have been given or may be implied from anything written or said in negotiati...

Reviews:

No comments