KAPERSKY ANTI-VIRUS 5.5 - FOR LINUX-FREEBSD MAIL... Administrator'S Manual Download

Page: 1 / 93

KASPERSKY LAB

Kaspersky Anti-Virus

5.5

for Samba Servers

ADMINISTRATOR'S
MANUAL

Summary of Contents for ANTI-VIRUS 5.5 - FOR LINUX-FREEBSD MAIL...

Page 1: ...KASPERSKY LAB Kaspersky Anti Virus 5 5 for Samba Servers ADMINISTRATOR S MANUAL...

Page 2: ...K A S P E R S K Y A N T I V I R U S 5 5 F O R S A M B A S E R V E R S Administrator s manual Kaspersky Lab Ltd http www kaspersky com Revision date November 2006...

Page 3: ...VIRUS 14 3 1 Software installation to a server running Linux 14 3 2 Software installation to a server running FreeBSD 14 3 3 Installation process 15 3 4 Configuring the application 15 3 5 Locations of...

Page 4: ...ditional opportunities using scripts 37 5 3 3 1 E mail notification of administrator 37 CHAPTER 6 ADDITIONAL SETUP 39 6 1 Tuning real time anti virus protection 39 6 1 1 Scope of monitoring 39 6 1 2 F...

Page 5: ...line options for the kavsamba component 71 A 3 Kavsamba return codes 71 A 4 Command line options for the kavscanner component 72 A 5 Kavscanner return codes 75 A 6 Command line options for the license...

Page 6: ...es contain viruses or mail worms When you open an e mail message or save an attached file to your hard drive you may infect data stored in your computer Software vulnerabilities In most cases hackers...

Page 7: ...on etc In the strict sense Trojan Horses are not viruses as they do not infect programs or data they are unable to sneak independently into computers and therefore are distributed by impostors disguis...

Page 8: ...e occur An opportunity to move infected or suspicious objects to a special storage location quarantine Preserving the original infected object prior to its disinfection Backup with an opportunity to r...

Page 9: ...CPU or better 64 B RAM 100 MB of disk space for application installation and storage of temporary files Software requirements One of the following operating systems for a 32 bit platform o RedHat Linu...

Page 10: ...m Kaspersky Lab s website The distribution file contains the product and the license key The License Agreement LA is a legal agreement between you either an individual or a single entity and the manuf...

Page 11: ...n configuration and performance information about new Kaspersky Lab products and new computer vi ruses for those who subscribe to our newsletter Kaspersky Lab does not give advice on the performance a...

Page 12: ...ent of problem example for using the software features Solution Solution to a defined problem key key purpose Command line keys Text of informa tion messages and the command line Text of configuration...

Page 13: ...ba module is a daemon process analyzing the files provided by the kavsamba so files and processing them in accordance with the current settings Data exchange between the module and the daemon process...

Page 14: ...amba module scans the requested object for viruses and processes it in accordance with the settings in the configuration file including the use of anti virus databases if that option is enabled 4 Upon...

Page 15: ...installation packages rpm for systems that support RPM Package Manager deb for Debian Linux distributions In order to start the installation of Kaspersky Anti Virus from an rpm package enter the foll...

Page 16: ...virus databases Please note also that automatic configuration of the application will not be performed if the anti virus databases are not installed 4 License key installation If a license key is not...

Page 17: ...a server please see https bugzilla samba org show_bug cgi id 2100 for details about the patch If the system configuration requires some additional information e g the path to the Samba server configur...

Page 18: ...oduct with your Samba server share man directory containing man files In order to enable using the reference system of Kaspersky Anti Virus manual pages add the opt kaspersky kav4samba share man path...

Page 19: ...virus databases usr local sbin kav4samba kavsamba executable file of the kavsamba real time protection component On Access Scanner usr local libexec kaspersky kav4samba setup kavsamba_setup pl the sc...

Page 20: ...mba Server modules If you are running FreeBSD enter the following in the command line cd usr local src kav4samba configure with sambasrc path_to_samba make where path_to_samba stands for the path to t...

Page 21: ...Linux because of certain peculiarities of that operating system As soon as the uninstall procedure completes the administrator will have to remove the opt kaspersky kav4samba lib bin kav4samba script...

Page 22: ...ration of Kaspersky Anti Virus are recorded in its default configuration file You can create your own configuration files and use them both for cur rent tasks and as the default configuration Let us r...

Page 23: ...ti virus databases will be copied from the Kaspersky Lab updates servers to a special directory defined in the configuration file 4 3 Setting the product up for work with Webmin If you plan to configu...

Page 24: ...1 Optimal operation mode This mode ensures optimal balance between server performance and established protection level In order to define the optimal mode of operation enter the following changes to...

Page 25: ...rchives SelfEx tArchives MailBases MailPlain and Heuristic pa rameters scanner options and samba options sec tions 4 4 2 Top performance mode This mode provides for maximum application performance how...

Page 26: ...s yes MailPlain yes Heuristic yes Cure yes Ichecker yes FileCacheSize 0 CheckFilesLimit 0 BgCheckFilesLimit 0 BgSheduleTime 0 HashType md5 Set the following parameter value in the samba path section B...

Page 27: ...being closed for such directories In that case directory contents will be scanned for virus presence either when a user attempts to access it or during background scanning General settings for all oth...

Page 28: ...onfigFile etc samba smb conf Set the following parameter values in the samba actions section OnInfected remove OnSuspicion remove OnWarning remove Set the following parameter values in the samba share...

Page 29: ...bases using the keepup2date component is an important aspect of anti virus security The component performs both remote and local updating of the anti virus databases and application modules Please not...

Page 30: ...es should be placed then in a certain network directory and your local network computers should be set up to use that directory as the source of anti virus database updates Please see details on task...

Page 31: ...cron utility Task schedule automatic daily updating of the anti virus databases to run every 3 hours The system log should be updated with operational application errors only A general log of all sta...

Page 32: ...the anti virus databases from an administrator defined address If updates cannot be retrieved from the address the databases should be downloaded from an ad dress included in the list of update serve...

Page 33: ...ve parameter values in the configuration file for the application updater options UpdateServerUrl home bases UseUpdateServerUrl yes UseUpdateServerUrlOnly no 2 Enter the following in the command line...

Page 34: ...ddress and port values are mandatory while username and password have to be specified only if the proxy requires authenti cation or 1 Assign the Yes value to the UseProxy parameter in the up dater opt...

Page 35: ...ility Let us review those opportunities in detail 5 2 1 1 Monitoring with notifications through smbclient Installation of a Samba server automatically installs the smbclient utility delivering winpopu...

Page 36: ...rom USERHOST is infected by VIRUSNAME mail s Virus notification spam virus localhost ru OnWarning exec echo USER FULLPATH FILENAME from USERHOST is probably infected by VIRUSNAME mail s Virus notifica...

Page 37: ...rver file systems The process of scanning a whole computer for virus presence is quite a resource consuming task Please note that during the procedure the server will slow down therefore it is recomme...

Page 38: ...following line 0 0 path to kav4samba kavscanner c etc kav kavscaner cron home 5 3 3 Additional opportunities using scripts Kaspersky Anti Virus offers an opportunity for additional processing of obje...

Page 39: ...tainer objects in the application configuration file scanner object OnInfected exec echo FULLPATH FILENAME is infected by VIRUSNAME mail s kav4samba kavscanner admin localhost ru scanner container OnI...

Page 40: ...sinfection mode please see section 6 1 2 on p 40 Actions to perform over files please see section 6 1 3 on p 41 Backup copy mode please see section 6 1 5 on p 42 Creation of reports and notifications...

Page 41: ...se see section 6 1 3 on p 41 Resulting from the scanning and disinfection procedure a file is assigned one of the following status variants Clear the file is not infected Infected the file is infected...

Page 42: ...ba actions section Define the rules for processing in an alternative configuration file and use it during component start Please note that the homes shared directory is virtual It points to the home d...

Page 43: ...rsky Anti Virus see section 6 4 on p 48 6 1 5 Backup copying of objects If scanned files turn out to be infected while removal from file system is defined as an action to be performed over infected ob...

Page 44: ...milar to the monitoring area for real time protection File scanning and cure mode please see section 6 2 2 on p 44 Actions to be performed over files please see section 6 2 3 on p 45 Let us review in...

Page 45: ...onent start Default scanning objects are also defined in the application configuration file scanner options section and can be redefined by command line keys at component start when an alternative con...

Page 46: ...container to container objects Various operations are possible for self extracting archives if an archive itself is infected it is viewed as a simple object but if archived objects inside it contain v...

Page 47: ...the command line kav4samba kavscanner tmp downloads lst c sample_scan conf 6 3 Optimizing Kaspersky Anti Virus for Samba Servers Kaspersky Anti Virus for Samba Servers offers several efficient methods...

Page 48: ...g with the application the information from the iChecker data base should be removed manually complete path to the database is defined by the IcheckerDbFile parameter in the path section of the applic...

Page 49: ...maintained 6 4 Restarting Kaspersky Anti Virus for Samba Servers Access to the samba shares protected by the Anti Virus will be blocked during any restart of Kaspersky Anti Virus Several variants are...

Page 50: ...s a SIGTERM signal terminating kavsamba operation and closing all its branched copies and then the Anti Virus terminates correctly We strongly recommend that you do not terminate the activity of the k...

Page 51: ...ed to perform some additional setup You can adjust the volume of output information by modifying the level of report details The level of details is a number which determines how specific the informat...

Page 52: ...information about anti virus databases license keys and resulting statistics 4 Activity Messages about scanning of files in accordance with the level of details defined for the scanning report 10 Deb...

Page 53: ...grades timely notifications about new viruses When the license expires the above services are discontinued automatically Kaspersky Anti Virus will continue scanning of server file systems but it will...

Page 54: ...information will be output to server console Kaspersky license manager Version 5 5 Copyright C Kaspersky Lab 1997 2006 Portions Copyright C Lan Crypto Serial 0038 000419 0003D3EA Kaspersky Anti Virus...

Page 55: ...sky license manager Version 5 5 0 0 RELEASE Copyright C Kaspersky Lab 1998 2006 Key file 00053E3D key is successfully registered We recommend updating your anti virus databases after the procedure If...

Page 56: ...y Lab 1998 2006 Active key was successfully removed In order to remove your additional key enter for example the following in the command line kav4samba licensemanager dr The following information wil...

Page 57: ...ate a test virus manually To do so enter the line below in any text editor and save it to a file under the name eicar com X5O P AP 4 PZX54 P 7CC 7 EICAR STANDARD ANTIVIRUS TEST FILE H H The file which...

Page 58: ...n the virus body is changed to CURED DELE The object is deleted automatically The first column of the table contains the prefixes which should be added to the line beginning of the standard test virus...

Page 59: ...server performance noticeably loading the CPU Virus detection is a purely computational mathematical problem con nected with structural analysis checksum calculation and mathematical data conversions...

Page 60: ...ch as iChecker developed at Kaspersky Lab In that case a file is checked for viruses only once during the initial scanning During all subsequent scans the file is not checked for virus presence provid...

Page 61: ...Receive the message on your computer save it to any folder on your hard drive and specify the folder as the license key source during installation of Kaspersky Anti Virus Question my Anti Virus does n...

Page 62: ...sky Lab may experience incorrect product operation That is first of all determined by the operating system specifics For example your OS distribution may use a different version of a certain library o...

Page 63: ...some_app means the software the standard output and error mes sages of which you would like to have saved to a file text_file full path to the file where the information will be re corded For example...

Page 64: ...ings will be mentioned where applicable The path section contains essential parameters that define the paths to critical application files BasesPath full path to the anti virus databases LicensePath f...

Page 65: ...to enable the mode set the parameter to yes Ichecker yes instruction to use the iChecker technology for anti virus scanning In order to disable the mode set the parameter to no FileCacheSize the numb...

Page 66: ...action will be performed over objects that could not be disin fected OnSuspicion action actions to be performed in case when the applica tion detects a suspicious file resembling a virus that is yet...

Page 67: ...n infected object OnProtected action notification upon detection of a password protected object Such objects cannot be scanned OnCorrupted action notification upon detection of a damaged file OnError...

Page 68: ...archives will be scanned even if the SelfExtArchives parameter is set to no MailBases yes mail database scan mode In order to disable the mode set the parameter to no MailPlain yes scanning mode for p...

Page 69: ...ng action actions to be performed in case when the application detects a file resembling a known virus OnCorrupted action actions upon detection of a damaged file OnCured action actions in case of det...

Page 70: ...Cured action actions in case of detection and successful disinfection of an infected object within a container OnProtected action actions upon detection of a password protected en crypted object insid...

Page 71: ...ckage will reload the updated anti virus databases automatically We do not recommend changing the value of this setting RegionSettings ru the code of the user s region two initial letters of the regio...

Page 72: ...onent The configuration file parameters can be redefined using command line options when you are launching the application from the command line Let us examine them closely Help options h Display on t...

Page 73: ...configuration file g path_to_file Write the list of all known viruses registered in the anti virus databases into the path_to_file file f Ignore corrupted signature of the kavscanner component and att...

Page 74: ...s 2 Enable disable output of informational messages 3 Enable disable output of messages related to scanning 10 Enable disable output of debugging messages x option Specify the amount of details in the...

Page 75: ...bjects into the file_name file w Save to the file_name file a list of objects containing code that resembles known viruses filelist lst Scan objects with the path specified in the filelist lst file Fi...

Page 76: ...ve been detected 25 Infected files have been detected 30 System error during file scanning 50 The anti virus databases could not be loaded the path specified in the configuration file is not found 55...

Page 77: ...y information about the path_to _file key on the screen a path_to_file Install the path_to_file license key d a r Remove all license keys remove an additional license key A 7 Licensemanager return cod...

Page 78: ...ous version k Do not execute the PostUpdateCmd command after a successful anti virus database update q The mode of the component operation in which no system messages will be printed to the screen e T...

Page 79: ...atabase has been updated successfully 10 Critical error occurred the updating process will be terminated 12 Error occurred while rolling back to the last update of the anti virus databases 30 The Post...

Page 80: ...tion from current and future threats Resistance to future attacks is the basic policy implemented in all Kaspersky Lab s products At all times the company s products remain at least one step ahead of...

Page 81: ...ch can be used independently or may be bundled with various integrated solutions offered by Kaspersky Lab Ltd Kaspersky OnLine Scanner The program is a free service offered to the visitors of Kaspersk...

Page 82: ...eatures Control of changes within file system The program allows users to create a list of applications which it will control on a per component basis It helps protect application integrity against th...

Page 83: ...ch helps prevent confidential data leaks first of all your passwords bank account and credit card numbers and block execution of dangerous scripts on web pages pop up windows and advertisement banners...

Page 84: ...software allows the user to perform complex anti virus scanning including On demand scanning of mobile device s memory individual folder or a specific file If an infected objects is detected it is re...

Page 85: ...with the specific needs of your network configuration Kaspersky Corporate Suite provides comprehensive anti virus protection for Workstations running Windows 98 ME Windows NT 2000 XP and Linux File se...

Page 86: ...ecurity for Microsoft Exchange performs anti virus processing of incoming and outgoing mail messages as well as messages stored at the server including letters in public folders and filters out unsoli...

Page 87: ...rs using Clearswift MIMESweeper The software is implemented as an anti virus plug in for Clearswift MI MESweeper for SMTP that scans incoming and outgoing e mail processing it in real time B 2 Contact...

Page 88: ...TERMS OF THIS AGREEMENT DO NOT BREAK THE CD s SLEEVE DOWNLOAD INSTALL OR USE THIS SOFTWARE IN ACCORDANCE WITH THE LEGISLATION REGARDING KASPERSKY SOFTWARE INTENDED FOR INDIVIDUAL CONSUMERS KASPERSKY A...

Page 89: ...one Client Device or by more than one user at a time except as set forth in this Section 1 1 1 The Software is in use on a Client Device when it is loaded into the temporary memory i e random access m...

Page 90: ...tware or hardware front end If the number of Client Devices or seats that can connect to the Software exceeds the number of licenses you have obtained then you must have a reasonable mechanism in plac...

Page 91: ...the Kaspersky Lab Privacy Policy which is deposited on ww kaspersky com privacy and you explicitly consent to the transfer of data to other countries outside your own as set out in the Privacy Policy...

Page 92: ...easonably necessary to assist the Supplier in resolving the defective item v The warranty in i shall not apply if you a make or cause to be made any modifications to this Software without the consent...

Page 93: ...ter hereof and supersedes all and any prior understandings undertakings and promises between you and Kaspersky Lab whether oral or in writing which have been given or may be implied from anything writ...

Search results

Summary of Contents for ANTI-VIRUS 5.5 - FOR LINUX-FREEBSD MAIL...

Reviews:

Related manuals for ANTI-VIRUS 5.5 - FOR LINUX-FREEBSD MAIL...

Brands by name

Popular brands

KAPERSKY ANTI-VIRUS 5.5 - FOR LINUX-FREEBSD MAIL..., Administrator'S Manual

Search results

Summary of Contents for ANTI-VIRUS 5.5 - FOR LINUX-FREEBSD MAIL...

Reviews:

Related manuals for ANTI-VIRUS 5.5 - FOR LINUX-FREEBSD MAIL...

Brands by name

Popular brands