KAPERSKY ANTI-VIRUS - FOR FREEBSD-OPENBSD-BSDI FILE..., User Manual

Page 1: ...KASPERSKY LAB Kaspersky Anti Virus for FreeBSD OpenBSD and BSDi File Server USERGUIDE...

Page 2: ...A S P E R S K Y A N T I V I R U S F O R F R E E B S D O P E N B S D A N D B S D I F I L E S E R V E R User Guide User Guide User Guide User Guide Kaspersky Lab Ltd http www kaspersky com Revision date...

Page 3: ...ftware and hardware requirements 14 2 2 Backing up your installation diskettes 15 2 3 Step By Step Installation 15 2 3 1 of Kaspersky Anti Virus for FreeBSD 15 2 3 2 of Kaspersky Anti Virus for OpenBS...

Page 4: ...ecked 36 5 3 2 Defining objects to be checked 38 5 3 2 1 Object types 38 5 3 2 2 Sectors 38 5 3 2 3 Files 39 5 3 2 4 Packed executables 41 5 3 2 5 Archives 42 5 3 2 6 Mail databases and plain mail fil...

Page 5: ...2 Launching Slogan 76 8 3 Slogan in the real time monitoring mode 78 9 TUNER CUSTOMIZING SCANNER AND DAEMON 80 9 1 Features and functions 80 9 2 Launching Tuner 81 9 3 Interface 82 9 4 Creating editin...

Page 6: ...face 112 10 6 Defining the Configuration of WebTuner 114 10 6 1 WebTuner settings 114 10 6 2 The main page WebTuner performance settings 116 10 6 3 The modules page remote administration settings 117...

Page 7: ...archive 146 11 4 Saving the report to a file 147 12 INSPECTOR MONITORING FILESYSTEM INTEGRITY 148 12 1 Function and Features 148 12 2 Running Inspector 149 12 2 1 The Program Command Line 149 12 2 2...

Page 8: ...7 Slogan report templates 184 15 8 Inspector command line switches 187 15 9 Control Centre command line switches 190 15 10 Monitor configuration file monitor conf 194 15 11 Updater command line switch...

Page 9: ...1 Introduction What is Kaspersky Anti Virus for FreeBSD OpenBSD and BSDi File Server KasperskyTM Anti Virus for FreeBSD OpenBSD and BSDi File Server Kaspersky Anti Virus for xBSD File Server is a sof...

Page 10: ...programs and kavmonitor the anti virus file monitor Monitor continuously keeps checking for viruses in files of your FreeBSD filesystem that are started or opened The slogan program Slogan was develo...

Page 11: ...of all the Kaspersky Anti Virus for xBSD File Server components can be coordinated by means of the kavucc program Control Centre allowing a user to schedule automatic starts of the components and dis...

Page 12: ...he terms of the LA 1 2 3 Registration card To register please fill the detachable coupon of your registration card your full name phone e mail address and mail it to the dealer that sold this kit to y...

Page 13: ...w asp Kaspersky Lab does not give advice on the performance and use of your operating system or various other technologies 1 4 Information in the book What is in this documentation and what is not Thi...

Page 14: ...portant information To do this 1 Step 1 2 Actions that must be taken Function of the control function of the control Description of the settings tree switch function of the switch Command line switche...

Page 15: ...ments What hardware and software do you need to run Kaspersky Anti Virus for xBSD File Server In order to run Kaspersky Anti Virus for xBSD File Server you need a system that meets the following requi...

Page 16: ...nstalling Kaspersky Anti Virus for xBSD File Server on a computer 2 3 1 of Kaspersky Anti Virus for FreeBSD To install the Kaspersky Anti Virus for FreeBSD software package on a computer follow these...

Page 17: ...tion of the WebTuner program by using the string pkg_add archive_name in the command line A script file allowing creation of the server SSL certificate will be started You must answer all the question...

Page 18: ...from the software package archive These elements are also archives containing files of the software product 3 Extract and install every component of the Kaspersky Anti Virus for OpenBSD and BSDi softw...

Page 19: ...e the program begins to look for it in the current directory If required you may edit the file for details of the INI file see Appendix B The initialization file must be edited in one of the following...

Page 20: ...ry files If you want your anti virus scanner and the daemon process while checking for viruses to place temporary in a directory that is different from tmp the default directory for temporary files de...

Page 21: ...20 20 20 3 If necessary edit the profile see Appendix B If you specify the ua name switch where name is the user name in the Tuner or the Installer command line the programs will automatically perform...

Page 22: ...ing command line switches and profiles To use various features of Kaspersky Anti Virus for xBSD File Server you must define objects to be checked how to handle those objects advanced scanning tools to...

Page 23: ...virus scanner to check the directory root by using two advanced scanning tools a redundant check and a heuristic tool To define settings for the same operation in defUnix prf open it in a text editor...

Page 24: ...he daemon process and loading of the virus definition databases into the system memory To start checking in your home directories for example you may use the following command kavdaemon o home Daemon...

Page 25: ...tly protect your computer from new viruses it s advisable to update your virus definition databases on a regular basis Updater that is supplied with Kaspersky Anti Virus for xBSD File Server allows yo...

Page 26: ...er This program may be started from the command line or from the specially developed script file If your Scanner when started does not detect the key file the program will function as a demonstration...

Page 27: ...rofile it will use its default settings Finally settings from the profile may be redefined by available command line switches If you want to load settings from a profile that is different from that de...

Page 28: ...bases After this the anti virus scanner checks for viruses in itself the kavscanner executable module If your anti virus scanner is infected with a virus the program will ask whether you want to disin...

Page 29: ...y to disinfect them Unfortunately sometimes it is impossible to do Scanner displays the corresponding message In this case infected objects must be deleted Scanner does not disinfect files corrupted b...

Page 30: ...t only disInfect or Delete Action_2 and Action_3 are the other two methods of the three listed above The Cancel and Stop commands are always at the end of the string To select the default method you m...

Page 31: ...eck your anti virus scanner will automatically handle all infected objects as you specified in the previous dialog Results of the check will be logged 4 2 3 Handling corrupted objects As we mentioned...

Page 32: ...e this object The anti virus scanner does not disinfect mail databases and plain mail files The scanner does not disinfect and delete infected objects if they are archived but you may try the followin...

Page 33: ...that have been detected and deleted The statistics table is divided into two columns Its left column displays values for objects that have been checked sectors files directories packed files and archi...

Page 34: ...cted objects and general statistics will be logged if you preset the program to do so To process and summarize data within the performance reports and to review details of scanning operations use the...

Page 35: ...s What to check Where to check How to handle infected objects Prior to checking for viruses in your computer you must define Location to be checked system sectors including Boot Sector Master Boot Rec...

Page 36: ...can log the check report and the performance statistics to a file 5 2 How to change settings How to change settings command line switches profile and configuration program Recommendations on use of va...

Page 37: ...gs for a separate location to be checked Location to be checked Objects to be checked Individual settings for locations to be checked 5 3 1 Defining the location s to be checked Before changing other...

Page 38: ...hen including or excluding them from the check Now you simply prefix them with or You may also specify the location by command line switches for details see subchapter 4 1 If you do not have rights to...

Page 39: ...ing see subchapter 5 3 2 5 mail databases and plane mail files see subchapter 5 3 2 6 OLE objects embedded in the examined files see subchapter 5 3 2 7 If you started the program with no predefined ob...

Page 40: ...2 and Access and Java applets Thereby this value scans all the files that are capable of containing a virus code 1 scans all the files with extensions bat bin cla cmd com cpl dll doc dot dpl drv dwg e...

Page 41: ...separate them by commas or spaces This parameter corresponds to the command line switch XF filemasks where filemasks must be substituted with the file masks to be excluded from the check 3 In the Exc...

Page 42: ...ersions of the most popular utilities DIET PKLITE LZEXE EXEPACK etc to temporary files so the anti virus scanner can check them When the check is completed the temporary files are deleted The unpackin...

Page 43: ...years and the virus will be inactive and therefore invisible to you but some day the virus may break loose and ruin your system To enable the extracting engine 1 Type Yes in the Archives line of the...

Page 44: ...Outlook Express pst and pab files a type of MS Mail archive Microsoft Internet Mail mbx files a type of MS Internet Mail archive Eudora Pro Lite Pegasus Mail Netscape Navigator Mail JSMail SMTP POP3 s...

Page 45: ...he profile Otherwise type No 5 3 3 Defining anti virus actions In the appropriate lines of the Object section of a profile you can define actions that should be taken on infected suspicious and corrup...

Page 46: ...deleted see subchapter 4 2 3 You can preset the anti virus scanner to automatically disinfect infected objects with the command line switch or I2 There are available two more command line switches fo...

Page 47: ...d files to a separate directory type Yes in the Backupinfected line of the profile The directory for copies of the infected files must be defined in the appropriate line of the ActionWithInfected sect...

Page 48: ...the virus body will be deleted but some of its parts will remain in the file This is the case when you need to run the redundant scan operation that will check not only the file entry points but also...

Page 49: ...cted by an unknown Windows virus Formula the Excel file contains suspicious instructions Of course just like any other of the type the heuristic algorithm may occasionally produce false alarms however...

Page 50: ...own the scanning rate and increases the probability of false alarms 5 4 Settings for the cumulative location to be checked 5 4 1 Cumulative settings Unlike settings for a separate location to be check...

Page 51: ...ing operations are located in the Options and Tempfiles sections of a profile These parameters allow you to define scanning of directories located on removable disks scanning of links and subdirectori...

Page 52: ...e Yes in the Deleteallmessage line of the Customize section of a profile If you type No the program will be deleting the objects without the confirmation The setting will be used only for that locatio...

Page 53: ...the Options section 0 do not check files and directories available via the symbolic links 0 in the Symlinks line corresponds to the command line switch LP 1 check only files and directories available...

Page 54: ...MemFiles line The temporary files exceeding this size will be created on the hard drive This setting will be used only if you entered a positive value Yes in the UseMemoryFiles line of the Tempfiles s...

Page 55: ...infected files to a separate folder in the ActionWithInfected section of a profile Type Yes in the InfectedCopy line Define a path to the folder for infected files in the InfectedFolder line The defa...

Page 56: ...r suspicious files and corr for corrupted files To change the name of the owner of infected suspicious and corrupted files that the program failed to desinfect define the target name in the ChownTo li...

Page 57: ...file will be created in your home directory To limit the size of your log file Type Yes in the ReportFileLimit line Define the maximum size in Kb in the ReportFileSize line To append new reports to t...

Page 58: ...details to the report heading The program may be enabled to log check reports to the system or the user log To add check results to the system log type Yes in the UseSysLog line Type No to add check r...

Page 59: ...h O enables and the switch O disables the messages ShowPack reports packed and archived objects Type Yes to enable these messages or No to disable them This parameter corresponds to the command line s...

Page 60: ...e e g Monitor on a computer running xBSD Daemon operates as a system process and inherits all the functions of Scanner therefore our description of the Scanner capabilities can be applied to Daemon Un...

Page 61: ...n process The Daemon command line Command line switches specific to the daemon process The Daemon profile as compared with the anti virus scanner Daemon can be launched from the command line script fi...

Page 62: ...t after the check and disinfecting is completed without starting the daemon process This switch is used only if the daemon process is not started yet k kills the parent daemon process This switch is n...

Page 63: ...in the command line the daemon process will not be started If the process has been started the Daemon program establishes a data link with it and uses this link to transfer the command string with sca...

Page 64: ...ubstring transfers the file name and parameters of the command line In the simplest case just the file name will be transferred In this case the string can look similar to the following 0 27 Mar 13 40...

Page 65: ...o be applied by the daemon process to the object The high byte contains flags defining further operations The value 0x2 in the high byte means that there should be 4 bytes read containing a size of th...

Page 66: ...en developed to check for viruses in files every time they are opened saved or executed The program handles files of FreeBSD OS FTP HTTP HTTP Proxies POP3 Samba and other network servers whose filesys...

Page 67: ...semble the kernel anti virus module The module is supplied together with the Monitor program and is called klmon The main feature of the module construction is that the module allows you to launch and...

Page 68: ...us modules source codes are located in the kavmonitor directory Only the administrator the root user is authorized to assemble and install the anti virus module To assemble the anti virus module and i...

Page 69: ...parameters defining the program performance When a file is processed and saved to the hard disk Monitor returns the appropriate exit code However many programs do not process exit codes of the file cl...

Page 70: ...uted You can enter more than one path in this line but make sure to separate them by colons For example ExecExcludeMask usr bin bin sbin The settings described above are also applied to subdirectories...

Page 71: ...eously scanned files enter the required number in the MaxConcurrentCheck line For example MaxConcurrentChecks 10 To enable the program to report errors type OK in the Warnings line of the Options sect...

Page 72: ...aemon process and load the kernel anti virus module 2 Launch the klmon anti virus module if it was not automatically started by your operating system For example enter the string insmod monitor 2 2 18...

Page 73: ...ems The most frequent problems and the ways to solve them are described below If you cannot load the klmon kernel anti virus module and see a message similar to the following on your screen unresolved...

Page 74: ...uch file or directory this means that the daemon process is not running or is set to use the wrong socket In the Daemon program configuration file define the path to the socket file that you want to u...

Page 75: ...R 74 74 74 74 2 Enter the command lsmod in the command line to check whether the kernel anti virus module is loaded 3 Try to launch the Monitor program with a path to the configuration file in the co...

Page 76: ...orts reports reports reports 8 1 Features and functions Function and features of the program The Slogan program is developed to process and summarize data within the performance reports of the Scanner...

Page 77: ...mmand line switch h When starting Slogan you can use the following command line switches s file1 file2 fileN or s filemask where file1 file2 fileN is the list of log files to be parsed by Slogan filem...

Page 78: ...h de dd mm yyyy The program will summarize the reports generated before and on the date defined by this switch e This switch allows use of the English language in the summary reports By default the Sl...

Page 79: ...When starting the program in the real time monitoring mode you can use the following command line switches R sec The required refresh rate of the Slogan real time statistics screen For example for the...

Page 80: ...hecked Packed packed executable files checked Corrupted corrupted objects detected OK files checked I O Errors input output errors occurred Infected infected objects detected Disinfected objects disin...

Page 81: ...es of the program Tuner the customization program allows you to create and edit profiles i e files containing a certain set of predefined settings of the anti virus scanner and the daemon process the...

Page 82: ...prf located in the directory usr local share AVP to be used as a profile ps This switch enables Tuner to manage only the Scanner settings pd This switch enables Tuner to manage only the Daemon settin...

Page 83: ...ess the key ESC and then the required hotkey The key combination ALT THE REQUIRED KEY will not function here To move along the menu use arrow keys or the appropriate key combinations Under the menu ba...

Page 84: ...file Creating editing and saving a profile using the customization program For your anti virus scanner to use values that you defined in the working area of the customization program you must save the...

Page 85: ...r screen 3 In the Files list select the directory with the profile you are suppose to edit 4 Select the profile 5 Press the Open button Settings from this profile will be loaded into the main window T...

Page 86: ...4 you can define the list of directories to be scanned for viruses Figure 4 The Location page The Location page corresponds to the Object section of a profile If you started the program with no prede...

Page 87: ...rop down list the directory tree and the buttons OK Cancel and Revert will appear on your screen 2 Select the required directory To do this you may enter the full path to the directory in the Director...

Page 88: ...all Save as and Cancel Options on these tabs allow you to define the following settings for the selected directory the objects and the file types to be checked for viruses for details see subchapter...

Page 89: ...st and prefixed with Cancel allows to exit the Property for window without saving the changes you made 9 5 2 2 The directory Property window Objects to be checked Options on the Property window Object...

Page 90: ...6 Plain Mail formats check this box to check for viruses in plain mail files for details see subchapter 5 3 2 6 The mail databases and especially plain mail files scanning modes noticeably slow down...

Page 91: ...s from the directory tree in the Add folder box for details see subchapter 9 5 1 To make sure there is not virus in the location to be checked it is advisable to scan all the files the All files optio...

Page 92: ...deletes infected objects without asking first Figure 6 The Actions page Select one of the following options to define how to handle unrecoverable objects Report only reports unrecoverable objects Mes...

Page 93: ...tool searching for corrupted or modified viruses Code Analyzer check this box to enable the heuristic detecting tool searching for unknown viruses Figure 7 The Options page Sometimes a file may be inf...

Page 94: ...s on the Options page of the Tuner main window see Figure 8 allow you to define the scanning settings applied to the entire list of directories to be checked the cumulative location to be checked The...

Page 95: ...file define the maximum size in Kb in this text field The default value is 3000 Kb and it means that the temporary files exceeding this size will be created on the hard drive Mem files max size to lim...

Page 96: ...indow see Figure 9 allow you to define the format and the contents of the program reports The Report page corresponds to the Report section of a profile Figure 9 The Report page On this page you can d...

Page 97: ...gle line If you feel this way with your text editor check this box and the program will use both separators carriage return and linefeed in your log file Report for each object check this box to be re...

Page 98: ...ow without saving the changes made Use the below check boxes to define optional information that will be included in the report Show clean object in the log check this box to be reported about the exa...

Page 99: ...iles detected within the cumulative location to be checked The ActionWith page corresponds to the ActionWithInfected and ActionWithSuspicion sections of a profile This page contains two sets of simila...

Page 100: ...he target extension Use the below text fields to define access attributes of infected files 1 Chown to to change the name of the owner of infected files that the program failed to disinfect enter the...

Page 101: ...12 The Customize page Use the below check boxes to define the program performance settings Sound effect check this box for the program to use sound effects while scanning for viruses Check updates vi...

Page 102: ...ed for confirmation when deleting an infected object This setting will be used only for the directory to be checked with checked Delete objects automatically box on the Actions page see subchapter 9 5...

Page 103: ...bTuner is developed to administrate Kaspersky Anti Virus for xBSD File Server i e to change settings and launch the package components locally or from a remote location Management of the WebTuner prog...

Page 104: ...creating the file containing user passwords for WebTuner see step 7 in subchapter 10 3 2 Before installing WebTuner you must install the web server on your computer if you are not already using a conv...

Page 105: ...between the web server and the web browser is implemented via the Secure Socket Layer protocol SSL supporting the communication privacy The web server that is supplied together with the program distr...

Page 106: ...pd The directory structure is as follows bin the directory containing the executable file for the web server installation conf the directory containing the web server configuration file html the direc...

Page 107: ...ath to the web server executable file For example HTTPD usr local share AVP httpd bin _httpd 2 Verify and edit if not correct the following strings of the file _httpd conf located in the directory con...

Page 108: ...P AvpIni AvpUnix ini the name of the Kaspersky Anti Virus for xBSD File Server initialization file 4 Use the htpasswd program supplied with the distributive to generate the htpasswd file This file wil...

Page 109: ...OCROOT parameter of the file _httpd conf 1 To enable the web server to start automatically when you started the xBSD operating system place the script _http init into the directory etc init d and then...

Page 110: ...ertificate file and the new encoding key file for SSL The corresponding sequence of actions was described in the step 8 for the WebTuner distributive web server see above 7 To be able to review anti v...

Page 111: ...he USER line of the file _httpd conf located in the directory conf Note that if the server is started manually it must be started by the user defined in the USER line or by the root user that will be...

Page 112: ...web browser To launch WebTuner the remote administration program follow these steps 1 Start your web browser 2 Enter the string https your_server_name port where your_server_name is the server with p...

Page 113: ...remote administration of the Kaspersky Anti Virus for xBSD File Server components 10 5 Interface Discussing the interface When you start the program the main window appears on your screen see Figure...

Page 114: ...When you selected the required list item the corresponding set of buttons will appear at the bottom of the window These buttons allow you to define settings of the selected program to start the progr...

Page 115: ...ngs Attention If you enter incorrect values for any parameter using WebTuner it may result in the abnormal performance of the program When using the WebTuner program you can define its own configurati...

Page 116: ...erformance settings for details refer to subchapter 10 6 2 The modules page contains the list of software modules that can be administrated from WebTuner and the buttons allowing you to edit the list...

Page 117: ...7 The main page To insure correct performance of the WebTuner program follow these steps 1 Enter the full path to the cgi bin directory in the WebTuner CGI directory text field You can do this manuall...

Page 118: ...ocated in the right upper corner on the main page to save the changes you made 10 6 3 The modules page remote administration settings The list of modules to be remotely administered from WebTuner and...

Page 119: ...module name in the Name text field of the Add new module window on your screen 3 Press the add button The new module will appear in the list To remove an item from the list follow these steps 1 Selec...

Page 120: ...kavdaemon The above setting is used in the definition of the Run exec str parameter Configure exec str the string defining availability and the address of the config hyperlink that appears in the WebT...

Page 121: ...re used in the above text field values refer to subchapter 15 13 of Appendix B By omitting any of the above values and leaving the corresponding text field blank you remove the corresponding hyperlink...

Page 122: ...lowing hyperlinks appear at the bottom of the window run config default config and view log see Figure 20 These are the links allowing you to display windows with Daemon related options and commands T...

Page 123: ...ngs using appropriate pages in the window on your screen for details refer to subchapter 10 7 2 When you have finished editing the required profile you can set it as the default profile for the daemon...

Page 124: ...ails refer to subchapter 10 7 2 2 The options page items allow you to define the scanning settings for details refer to subchapter 10 7 2 3 The actions page items allow you to define how to handle inf...

Page 125: ...ne scanning settings for the selected directory follow these steps 1 Press the properties button 2 Edit settings for the selected directory in the window on your screen The window contains tabs allowi...

Page 126: ...w will appear on your screen Use the window to add the required directory to the list of directories on the objects page The directory will be added to the list and prefixed with cancel allows you to...

Page 127: ...ning settings to be applied to the entire list of directories to be checked for details see subchapter 10 7 2 2 The page options and their functions are similar to those described in subchapter 9 6 Th...

Page 128: ...The page options and their functions are similar to those described in subchapter 9 8 for infected objects To move between the subpages use the arrow buttons and located in the upper right corner of t...

Page 129: ...efinition databases are loaded into the memory just once when the program is started for the first time Therefore when you start the daemon process using the run hyperlink in the WebTuner main window...

Page 130: ...ms in the Socket file dir text field manually or by using the browse button The default path is var run 3 Press the run button The Daemon starting log will be displayed on your screen see Figure 25 Fi...

Page 131: ...W E B T U N E R 130 130 130 130 Figure 24 Daemon start parameters Figure 25 Daemon starting log...

Page 132: ...cket directory name path to the directory with the socket file supporting communication between Daemon and client programs Connection status the status of connection with this socket There are two sta...

Page 133: ...sting ones and it may affect the check results 2 Press the return button to return to the Daemon status window see Figure 23 3 Press the run button The Daemon starter window will appear on your screen...

Page 134: ...files checked Infected infected objects detected Disinfected objects disinfected Disinfection failed unrecoverable objects detected Deleted files objects deleted Warnings modified and corrupted viruse...

Page 135: ...by pressing the select button for browsers not supporting Java Script 3 Press the open button To review the log in HTML press the full view button You may change the log display It may be displayed in...

Page 136: ...ct the Scanner program from the list of controllable programs in the WebTuner main window the following hyperlinks appear at the bottom of the window run configure and default config see Figure 29 The...

Page 137: ...canner settings using appropriate pages in the window on your screen To launch Scanner click the run hyperlink For more details on launching your Scanner see subchapter 10 8 3 To display the performan...

Page 138: ...ld that follows the word Scan Endlessly scan check this box to implement loop scanning for viruses Scan delay enter the interval between two loops in seconds This parameter is used only if you checked...

Page 139: ...e the location in the Scan path text field 2 Select the Scan input path option button to scan the defined location To scan the location defined in the default profile select the Scan default path opti...

Page 140: ...n messages listed in the subchapter 15 5 of Appendix B If the anti virus scanner is not started the window will contain the results of the previous scanning operation 10 9 WebTuner administering Updat...

Page 141: ...dated via the Internet from an archive from a network directory Select one of the following options From web updating via the Internet This is the default option The Update path text field above conta...

Page 142: ...option enter the corresponding path in the Update path text field Figure 32 The update source window To launch the updating operation press the run button The updating will be started and the window d...

Page 143: ...ress To review the status of the last updating operation press the view log button The program will display a window with information about the last updating operation see Figure 33 If the updating op...

Page 144: ...checking for viruses The program allows you to update virus definition databases via the Internet from an archive or from a network location The wget program is a software requirement for updating vi...

Page 145: ...atabases However you may redefine the values of these options with the command line switches b and s respectively for details see Appendix B If when you start xBSD or Daemon the program cannot find th...

Page 146: ...and copies them to the database directory For example kavupdater uik http www kasperskylab com updates To upgrade the Kaspersky Anti Virus for xBSD File Server components from an FTP or a web server l...

Page 147: ...m will copy virus definition databases from the network directory to the directory on your computer For example kavupdater ud home bases To upgrade your Kaspersky Anti Virus for xBSD File Server compo...

Page 148: ...s to reports You may define the name of your log file If this file is not defined in the switch the program will use the log file pre defined in defUnix prf To append reports to the defined file enter...

Page 149: ...ching for viruses Inspector is not guided by virus definitions in the corresponding databases The program identifies viruses in an object with respect to the methods that have been used by a virus to...

Page 150: ...and line This is necessary because when started for the first time your Inspector copy collects data about the location to be checked that is defined by the command line parameter pathN and saves this...

Page 151: ...e existing database with the new one if the database defined in the switch already exists If you specify the switch g database_name in the command line the newly collected data will not be saved to th...

Page 152: ...right after the check is completed In this case the general format of this switch is filname To define the location to be checked directly in the command line specify all the full paths to the directo...

Page 153: ...es When it detects modified or new files Inspector may perform one of the following actions prompt for disinfection of infected objects display a report about the modified and new files detected autom...

Page 154: ...t use the switches da2d and a socket_directory in the Inspector command line The switch a socket_directory must define the path to the directory containing the Daemon socket file To set the program to...

Page 155: ...ch logs the performance report to the defined file the default file is report txt If the character a is defined in the switch the report will be appended to the contents of filename the character t ov...

Page 156: ...ce xBSD File Server Performance xBSD File Server Performance 13 1 Function and Features The Control Centre program has been developed to schedule performance of all the Kaspersky Anti Virus for xBSD F...

Page 157: ...eation and editing of the task performance schedule is performed from the command line The general format of the task scheduling command line is kavucc instruction1 task_parameters instructionN task_p...

Page 158: ...root e 00 15 You can schedule more than one task to be performed once daily weekly monthly or every time the Control Centre is started This can be done with the instruction ca The character may be sub...

Page 159: ...st be started for the last time re delay is the interval between two starts in days e hour min is the prgname program run time When the time is over the program shuts down To schedule a task to be per...

Page 160: ...month for example xm jan xm aug Other parameters in this command line are similar to the ones described for a task to be performed daily To schedule a task to be performed once enter the following str...

Page 161: ...l Centre command line The complete list of created tasks with their descriptions will be displayed on your screen Every task in the list is assigned an ID The ID s general format is IdN where N is the...

Page 162: ...appended to the contents of filename the character t overwrites the report with a new one If the character is defined extra information will be included in the report heading The character disables t...

Page 163: ...the daemon process For example defUnix prf The key file If your Scanner and Daemon can not find this file they will function as demonstration copies i e they will check for viruses but will not delet...

Page 164: ...gram settings You may edit a file with parameters prf ini conf in any text editor The file contains several sections with parameters and their values The general format of a section is Section_name Pa...

Page 165: ...key files are located You may define values for only one of the above parameters KeyFile or KeysPath SetFile the name of your set file the file containing settings for your virus definition databases...

Page 166: ...ons within the file Object Names home user mydoc usr src Sectors No Files Yes FileMask 2 UserMask tar gz ExcludeFiles 1 ExcludeMask Internet rar ExcludeDir home user mydoc Packed Yes Archives Yes Self...

Page 167: ...o ActionWithSuspicion SuspiciousCopy No SuspiciousFolder suspiciou s CopyWithPath Yes ChangeExt None NewExtension Susp ChownTo None ChModTo No ActionWithCorrupted CorruptedCopy No CorruptedFolder corr...

Page 168: ...when including or excluding them from the check Now you simply prefix them with or Sectors to check disk sectors within the selected location type Yes in this line Otherwise type No The sector check...

Page 169: ...s defined by the ExcludeMask parameter and files located in directories defined by the ExcludeDir parameter ExcludeMask here you may define file masks separated by commas or spaces this parameter is v...

Page 170: ...line enables the program to copy infected files before they are disinfected to a separate directory defined by the InfectedFolder parameter No disables this feature IfDisinfImpossible here you must d...

Page 171: ...ent in the Kaspersky Anti Virus version for Rescue Disk ParallelScan Yes in this line enables the program to scan for viruses in several files simultaneously No disables this feature The number of sim...

Page 172: ...reateFlag the log file attributes mask UseCR Yes in this line enables the program to use both the carriage return and the linefeed characters to separate records in a log file Otherwise type No By def...

Page 173: ...es the program to report password protected archives No disables this feature ShowSuspicion Yes in this line enables the program to report suspicious objects No disables this feature ShowWarning Yes i...

Page 174: ...by group The ActionWithSuspicion section parameters define the actions to be taken by the program when it detects suspicious objects SuspiciousCopy Yes in this line enables the program to copy suspic...

Page 175: ...moryFiles Yes in this line enables the program to create temporary files in the memory but not on your hard disk Type No to create temporary files on the hard disk LimitForMemFiles the maximum size in...

Page 176: ...id only if RedundantScan Yes No disables this feature DelleteAllMessage Yes in this line enables the program to ask for confirmation when deleting an infected object valid only if InfectedAction 3 No...

Page 177: ...is the optional command line switch path is the optional xBSD path filemasks are the optional file masks defining xBSD files to be checked for viruses By default the program checks all the executable...

Page 178: ...lid filename checks files listed in the text file filename Every line in this text file must contain only one filename to be checked with the full path to it If the optional character is specified in...

Page 179: ...Y skips all dialogs to be used in script files D runs check once per day to be used in script files Z prohibits the check from being interrupted p enables parallel scanning p number enables parallel...

Page 180: ...ected If the boot sector is not repairable Scanner will replace it with a standard DOS 6 0 boot sector I3 or E deletes infected objects automatically K skips reporting packed and archived files F prof...

Page 181: ...location to be checked for viruses but for Daemon it assigns the path value to the list of locations enabled to be checked i e to the Names parameter of the profile The objects to be checked are defin...

Page 182: ...daemon process to log check results In this version when you launch the daemon process it automatically initiates the following two processes the primary process handles calls from client programs the...

Page 183: ...ined virus but the complete instruction set was not detected If you see a lot of these messages the probability that your computer is infected by a new modification of the defined virus is very high S...

Page 184: ...picious objects were detected 4 one or more viruses were detected 5 all infected objects were disinfected 6 infected objects were deleted 7 the kavscanner or kavdaemon file is corrupted 8 files are co...

Page 185: ...ses not found esac exit 0 15 7 Slogan report templates Details of the templates that are used when displaying performance reports of Scanner and Daemon The Kaspersky Anti Virus for xBSD File Server di...

Page 186: ...ber of archives checked PACKED the number of packed executable files checked INFECTED the number of infected objects detected DESINFECTED the number of objects disinfected DESFAILED the number of unre...

Page 187: ...er of the virus pieces detected For example the file template tm2 may look similar to the following Start date DATELO End date DATEHI Total statistic Request REQUEST Archives ARCHIVE Packed PACKED Inf...

Page 188: ...hes The list of Inspector command line switches and their functions The general format of the Inspector command line is kavinspector switch1 switchN path1 pathN where switchN is the optional command l...

Page 189: ...text file filename Every line in this text file must contain only one filename to be checked with the full path to it If the optional character is specified in the switch filename will be deleted on c...

Page 190: ...skips all dialogs to be used in script files ki skips loading the ini file z prohibits the check from being interrupted da 0 1 2 d allows you to define one of the following methods of handling modifi...

Page 191: ...tra information will be included in the report heading The character disables the extra information in the report heading ws logs the performance report in the system log m logs additional information...

Page 192: ...switch p path defines the path to the directory with the files AvpCtl and AvpPid g base defines the path the master database containing performance parameters to be used by Control Centre gu base pat...

Page 193: ...ky Anti Virus for xBSD File Server legal users cr displays information about the current volume of the licensed traffic cp prgname a arg arg1 u username e hour min loads a task with the following para...

Page 194: ...d weekly where re delay is the interval between two starts in weeks sd sun mon tue wed thu fri sat is the weekday when the task must be performed cam prgname a arg arg1 u username st hour min fs day m...

Page 195: ...penExcludeMask etc var log usr include lib usr lib WriteExcludeMask etc var log ExecExcludeMask usr bin bin sbin Warnings Yes ShowOK No ShowCached No WriteInfectedAction none MaxConcurrentChecks 10 Yo...

Page 196: ...with files to be ignored when opened You can enter more than one path in this line but make sure to separate them by colons WriteExcludeMask the path to the directory with files to be ignored when sav...

Page 197: ...e way to update virus definition databases switchN is the optional command line switch The following command line switches are available the suffix defines the inverse meaning of the switch ui k serve...

Page 198: ...File Server components from the defined location on the defined server uipd server_and_path downloads new releases of the software from the defined location on the defined server without upgrading the...

Page 199: ...om which they will later be moved y skips all confirmation dialogs to be used in script files h a or displays the list of available command line switches o optimizes the set file During the optimizati...

Page 200: ...line switches available for Installer The general format of the installation utility command line is kavinstaller switch1 switch2 switchN archive where switchN is the optional command line switch arch...

Page 201: ...ile Main Modules Daemon Updater Scanner WebTuner CgiDir usr local share AVP httpd html cgi bin AvpDir usr local share AVP AvpIni AvpUnix ini Daemon Exec kavdaemon MainCgi DaemonPrf cgi Configure Daemo...

Page 202: ...Kaspersky Anti Virus for xBSD File Server components that can be administrated from WebTuner The default list includes Daemon Updater Scanner and WebTuner CgiDir the full path to the cgi bin directory...

Page 203: ...defining the path to the Kaspersky Anti Virus for xBSD File Server initialization file It will be automatically substituted for the value defined in the Main section AvpIni line The Configure paramet...

Page 204: ...eport defines viewing of the package component performance results from a remote location by using WebTuner The Report parameter insures availability of the view log hyperlink on the WebTuner main win...

Page 205: ...s If we classify viruses according to environment we come up with the following types file viruses infect executable files the most widespread virus type create twin files companion viruses or use fea...

Page 206: ...re also non resident viruses that place small resident programs into RAM However unlike with the memory resident viruses these programs do not distribute virus copies Macro viruses also can be conside...

Page 207: ...cts that are generally harmless though they may be extremely annoying harmful viruses may seriously interfere with the computer s performance hot viruses may corrupt programs cause data loss damage fi...

Page 208: ...uct line includes Kaspersky Inspector and Kaspersky WEB Inspector whose unique capabilities allow users full control over any unauthorized alteration to the file system and content of a Web server Upc...

Page 209: ...on demand anti virus monitor automatically checks in real time all used files module for checking MS Outlook Express mail databases for viruses on demand Kaspersky Anti Virus Personal Personal Pro Th...

Page 210: ...ning a Windows operating system It protects the computer against unauthorized access to its data and external hacker attacks from the Internet or an adjacent local network Kaspersky Anti Hacker monito...

Page 211: ...ness Optimal The package has been developed to provide full scale data protection for small and medium size corporate networks Kaspersky Anti Virus Business Optimal includes full scale anti virus prot...

Page 212: ...a cutting edge software suite designed to help organizations with small and medium size networks wage war against the onslaught of undesired e mail spam The product combines revolutionary technology...

Page 213: ...be glad to advise you on any matters related to our product by phone or e mail and all your recommendations and suggestions will be thoroughly reviewed and considered Technical support Please find th...

Page 214: ...D 10 Key file 19 162 License agreement 11 Location to be checked 28 38 39 Monitor 9 65 Objects to be scanned 38 Path to the temporary files directory 19 Profile 20 21 22 23 35 162 166 Redundant scanni...