ESET File Security Installation Manual and User Guide

ESET File Security
Installation Manual and User Guide
Linux, BSD and Solaris
Contents
1. Introduction
   1.1 Main functionality
   1.2 Key features of the system
2. Terminology and abbreviations
3. Installation
4. Architecture Overview
5. Integration with File System services
   5.1 On-demand scanner
   5.2 On-access scanner powered by Dazuko
       5.2.1 Operation principle
       5.2.2 Installation and configuration
       5.2.3 Tips
   5.3 On-access scanner using preload LIBC library
       5.3.1 Operation principle
       5.3.2 Installation and configuration
       5.3.3 Tips
6. Important ESET File Security mechanisms
   6.1 Handle Object Policy
   6.2 User Specific Configuration
   6.3 Samples Submission System
   6.4 Web Interface
       6.4.1 License management
       6.4.2 On-Access scanner (DAC) configuration example
       6.4.3 On-Demand scanner
       6.4.4 Statistics
   6.5 Remote Administration
       6.5.1 Remote Administration usage example
   6.6 Logging
7. ESET Security system update
   7.1 ESETS update utility
   7.2 ESETS update process description
   7.3 ESETS mirror http daemon
8. Let us know
9. Appendix A. PHP License

ESET File Security
Copyright ©2011 by ESET, spol. s r. o.
ESET File Security was developed by ESET, spol. s r. o. For more information visit www.eset.com. All rights reserved. No part of this documentation may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise without permission in writing from the author. ESET, spol. s r. o. reserves the right to change any of the described application software without prior notice.
Customer Care Worldwide: www.eset.eu/support
Customer Care North America: www.eset.com/support
REV. 2011-02-08
1. Introduction
Dear user, you have acquired ESET File Security - the premier security system running under the Linux, BSD and Solaris OS. As you will soon find out, ESET's state-of-the-art scanning engine has unsurpassed scanning speed and detection rates combined with a very small footprint that makes it the ideal choice for any Linux, BSD and Solaris OS server.
1.1 Main functionality
On-demand scanner
The On-demand scanner can be invoked by a privileged user (usually a system administrator) through either the command line interface or the web interface; or by the operating system's automatic scheduling tool (e.g., cron). Thus, the term On-demand refers to file system objects being scanned on user or system demand.
On-access scanner
The On-access scanner is invoked whenever a user and/or operating system attempts to access file system objects. This also clarifies the use of the term On-access; because a scan is triggered by any attempt to access file system objects.
1.2 Key features of the system
Advanced engine algorithms
The ESET antivirus scanning engine algorithms provide the highest detection rate and the fastest scanning times.
Multi-processing
ESET File Security is developed to run on single- as well as multi-processor units.
Advanced Heuristics
ESET File Security includes unique advanced heuristics for Win32 worms, backdoor infections and other forms of malware.
Built-In features
Built-in archivers unpack archived objects without the need for any external programs.
Speed and efficiency
To increase the speed and efficiency of the system, its architecture is based on the running daemon (resident program) where all scanning requests are sent.
Enhanced security
All executive daemons (except esets_dac) run under a non-privileged user account to enhance security.
Selective configuration
The system supports selective configuration based on the user or client/server.
Multiple logging levels
Multiple logging levels can be configured to get information about system activity and infiltrations.
Web interface
Configuration, administration and license management are offered through an intuitive and user-friendly Web interface.
Remote administration
The system supports ESET Remote Administration for management in large computer networks.
No external libraries
The ESET File Security installation does not require external libraries or programs except for LIBC.
User-specified notification
The system can be configured to notify specific users in the event of a detected infiltration or other important events.
Low system requirements
To run efficiently, ESET File Security requires just 16MB of hard-disk space and 32MB of RAM. It runs smoothly under the 2.2.x, 2.4.x and 2.6.x Linux OS kernel versions as well as under 5.x, 6.x FreeBSD OS kernel versions.
Performance and scalability
From lower-powered, small office servers to enterprise-class ISP servers with thousands of users, ESET File Security delivers the performance and scalability you expect from a UNIX based solution, in addition to the unequaled security of ESET products.
2. Terminology and abbreviations
In this section we will review the terms and abbreviations used in this document. Note that a boldface font is reserved for product component names and also for newly defined terms and abbreviations. Terms and abbreviations defined in this chapter are expanded upon later in this document.
ESETS
ESET Security is a standard acronym for all security products developed by ESET, spol. s r. o. for Linux, BSD and Solaris operating systems. It is also the name (or its part) of the software package containing the products.
RSR
Abbreviation for ‘RedHat/Novell(SuSE) Ready’. Note that we also support RedHat Ready and Novell(SuSE) Ready variations of the product. The RSR package differs from the ‘standard’ Linux version in that it meets the FHS (File-system Hierarchy Standard defined as a part of Linux Standard Base) criteria required by the RedHat Ready and Novell(SuSE) Ready certificate. This means that the RSR package is installed as an add-on application - the primary installation directory is ‘/opt/eset/esets’.
ESETS daemon
The main ESETS system control and scanning daemon: esets_daemon.
ESETS base directory
The directory where ESETS loadable modules containing the virus signature database are stored. The abbreviation @BASEDIR@ will be used for future references to this directory. The @BASEDIR@ value for the following Operating Systems is listed below:
Linux: /var/lib/esets
Linux RSR: /var/opt/eset/esets/lib
FreeBSD: /var/lib/esets
NetBSD: /var/lib/esets
Solaris: /var/opt/esets/lib
ESETS configuration directory
The directory where all files related to the ESET File Security configuration are stored. The abbreviation @ETCDIR@ will be used for future references to this directory. The @ETCDIR@ value for the following Operating Systems is listed below:
Linux: /etc/esets
Linux RSR: /etc/opt/eset/esets
FreeBSD: /usr/local/etc/esets
NetBSD: /usr/pkg/etc/esets
Solaris: /etc/opt/esets
ESETS configuration file
Main ESET File Security configuration file. The absolute path of the file is as follows:
@ETCDIR@/esets.cfg
ESETS binary files directory
The directory where the relevant ESET File Security binary files are stored. The abbreviation @BINDIR@ will be used for future references to this directory. The @BINDIR@ value for the following Operating Systems is listed below:
Linux: /usr/bin
Linux RSR: /opt/eset/esets/bin
FreeBSD: /usr/local/bin
NetBSD: /usr/pkg/bin
Solaris: /opt/esets/bin
ESETS system binary files directory
The directory where the relevant ESET File Security system binary files are stored. The abbreviation @SBINDIR@ will be used for future references to this directory. The @SBINDIR@ value for the following Operating Systems is listed below:
Linux: /usr/sbin
Linux RSR: /opt/eset/esets/sbin
FreeBSD: /usr/local/sbin
NetBSD: /usr/pkg/sbin
Solaris: /opt/esets/sbin
ESETS object files directory
The directory where the relevant ESET File Security object files and libraries are stored. The abbreviation @LIBDIR@ will be used for future references to this directory. The @LIBDIR@ value for the following Operating Systems is listed below:
Linux: /usr/lib/esets
Linux RSR: /opt/eset/esets/lib
FreeBSD: /usr/local/lib/esets
NetBSD: /usr/pkg/lib/esets
Solaris: /opt/esets/lib
3. Installation
After purchasing ESET File Security, you will receive your authorization data (username, password and license key). This data is necessary for both identifying you as our customer and allowing you to download updates for ESET File Security. The username/password data is also required for downloading the initial installation package from our web site. ESET File Security is distributed as a binary file:
esets.i386.ext.bin
In the binary file shown above, ‘ext’ is a Linux, BSD and Solaris OS distribution dependent suffix, i.e., ‘deb’ for Debian, ‘rpm’ for RedHat and SuSE, ‘tgz’ for other Linux OS distributions, ‘fbs5.tgz’ for FreeBSD 5.x, ‘fbs6.tgz’ for FreeBSD 6.x, ‘nbs4.tgz’ for NetBSD 4.xx and ‘sol10.pkg.gz’ for Solaris 10.
Note that the Linux RSR binary file format is:
esets-rsr.i386.rpm.bin
To install or upgrade the product, use the following command:
sh ./esets.i386.ext.bin
For the Linux RSR variation of the product, use the command:
sh ./esets-rsr.i386.rpm.bin
to display the product’s User License Acceptance Agreement. Once you have confirmed the Acceptance Agreement, the installation package is placed into the current working directory and relevant information regarding the package’s installation, un-installation or upgrade is displayed onscreen.
Once the package is installed, you can verify that the main ESETS service is running by using the following command:
Linux OS:
ps -C esets_daemon
BSD OS:
ps -ax | grep esets_daemon
Solaris:
ps -A | grep esets_daemon
After pressing ENTER, you should see the following (or similar) message:
PID TTY TIME CMD
2226 ? 00:00:00 esets_daemon
2229 ? 00:00:00 esets_daemon
At least two ESETS daemon processes are running in the background. The first PID represents the process and threads manager of the system. The other represents the ESETS scanning process.
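The verification step above as a script (an added example, not part of the ESET manual): it parses the full ps listing instead of piping it through grep, so the grep process itself is never counted, and it requires the two daemon processes described above. The function names and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify the ESETS daemon after installation.
# Function names and sample listings are constructed for illustration.

# Run the listing command for the current OS. Unlike the manual's BSD/Solaris
# commands, no grep is piped in here, so the header line survives for parsing.
esets_ps() {
    case "$(uname -s)" in
        Linux) ps -C esets_daemon ;;
        SunOS) ps -A ;;
        *)     ps -ax ;;    # FreeBSD, NetBSD
    esac
}

# Count esets_daemon processes in a ps listing on stdin. Only the first word of
# the CMD/COMMAND column is compared, so a "grep esets_daemon" process is ignored.
count_esets_daemon() {
    awk '
        NR == 1 { for (i = 1; i <= NF; i++) if ($i == "CMD" || $i == "COMMAND") col = i; next }
        col     { n = split($col, part, "/"); if (part[n] == "esets_daemon") count++ }
        END     { print count + 0 }'
}

# Succeed only if at least two daemon processes are listed (manager + scanner).
esets_daemon_ok() {
    [ "$(count_esets_daemon)" -ge 2 ]
}

# Constructed sample listings (not captured from a real host).
SAMPLE_LINUX='  PID TTY          TIME CMD
 2226 ?        00:00:00 esets_daemon
 2229 ?        00:00:00 esets_daemon'
SAMPLE_BSD='  PID TT  STAT    TIME COMMAND
  512 ??  Ss   0:00.10 /usr/local/sbin/esets_daemon
  514 ??  S    0:01.42 /usr/local/sbin/esets_daemon
  901 p0  S+   0:00.00 grep esets_daemon'

# Live check: run this file with --check as its first argument.
if [ "${1:-}" = "--check" ]; then
    if esets_ps 2>/dev/null | esets_daemon_ok; then
        echo "esets_daemon: running"
    else
        echo "esets_daemon: fewer than two processes found" >&2
        exit 1
    fi
fi
```

A plain line count of the BSD sample filtered through grep would report three matches, because the grep process appears in the listing; the column-based count reports two.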