ESET FILE SECURITY - FOR LINUX BSD AND SOLARIS, FILE SECURITY Installation Manual

ESET File Security

Installation Manual and User Guide

Linux, BSD and Solaris

ESET File Security

Copyright ©2011 by ESET, spol. s r. o.

ESET File Security was developed by ESET, spol. s r. o.
For more information visit www.es et.com.
All rights res erved. No part of this documentation ma y be reproduce d,
stored in a retri eva l syste m or transmi tte d in any form or by any
mea ns, ele ctronic, mecha nical , photocopying, recording, scanning, or
othe rwis e without permis sion in wri ting from the author.
ESET, spol . s r. o. res erve s the right to cha nge any of the describe d
applic ation software without prior notic e.

Customer Care Worldwide : www.es et.eu/support
Customer Care North America: www.e se t.com/support

REV. 2011-02 -08

Contents

..................................................................3

1. Introduction

.........................................................................................3

Mai n functionali ty1.1

.........................................................................................3

Key features of the sys tem1.2

..................................................................5

2. Terminology and abbreviations

..................................................................7

3. Installation

..................................................................8

4. Architecture Overview

..................................................................10

5. Integration with File System services

.........................................................................................10

On-demand scanner5.1

.........................................................................................10

On-access scanner powered by Dazuko5.2

................................................................................10Opera tion principle5.2.1

................................................................................11Installa tion and configuration5.2.2

................................................................................11Tips5.2.3

.........................................................................................11

On-access scanner us ing prel oad LIBC l ibra ry5.3

................................................................................12Opera tion principle5.3.1

................................................................................12Installa tion and configuration5.3.2

................................................................................12Tips5.3.3

..................................................................13

6. Important ESET File Security mechanisms

.........................................................................................13

Handle Object Pol i cy6.1

.........................................................................................13

User Speci fi c Configura tion6.2

.........................................................................................14

Sampl es Submis sion Sys tem6.3

.........................................................................................14

Web Interface6.4

................................................................................15Licens e ma nagement6.4.1

................................................................................16On-Access scanner (DAC) configuration example6.4.2

................................................................................16On-Dema nd scanner6.4.3

................................................................................17Statis tic s6.4.4

.........................................................................................17

Remote Admini s tration6.5

................................................................................18Remote Admini stration us age example6.5.1

.........................................................................................20

Logging6.6

..................................................................21

7. ESET Security system update

.........................................................................................21

ESETS update utility7.1

.........................................................................................21

ESETS update process description7.2

.........................................................................................21

ESETS mirror http daemon7.3

..................................................................22

8. Let us know

..................................................................23

9. Appendix A. PHP License

3

1. Introduction

Dear user, you have acqui red ESET File Security - the premier security sys tem runni ng under the Linux, BSD and Solaris OS. As
you will soon find out, ESET's state-of-the-art scanning engine has unsurpas sed scanning speed and detection ra tes combined
with a very s mal l footprint that makes i t the ideal choi ce for any Linux, BSD and Solaris OS server.

1.1 Main functionality

On-demand scanner

The On-demand sca nner can be invoked by a privileged user (usuall y a system admi ni strator) through either the command
line interface or the web interface; or by the operating s ys tem's automatic schedul ing tool (e.g., cron). Thus, the term

O n -dem an d

refers to fil e system objects being scanned on user or s ys tem demand.

On-access scanner

The On-access s canner is i nvoked whenever a us er a nd/or operating s ys tem attempts to access fil e system objects . This a lso
cl arifies the use of the term

O n -a ccess

; becaus e a s can i s tri ggered by any attempt to access fil e system objects .

1.2 Key features of the system

Advanced engine algorithms

The ESET antivirus scanni ng engine algori thms provi de the highest detection rate and the fas test scanni ng times.

Multi-processing

ESET File Security is developed to run on s i ngle- as well as multi-process or units.

Advanced Heuristics

ESET File Security includes unique adva nced heuristics for Win32 worms, ba ckdoor i nfections and other forms of malware.

Built-In features

Built-in a rchivers unpack a rchived objects without the need for any external progra ms.

Speed and efficiency

To increase the speed and efficiency of the system, its archi tecture is ba sed on the runni ng da emon (resi dent program) where
al l sca nni ng requests a re sent.

Enhanced security

All executive daemons (except esets_dac) run under non-pri vileged user account to enhance security.

Selective configuration

The system supports selective confi guration ba sed on the user or cl i ent/server.

Multiple logging levels

Multipl e logging levels can be confi gured to get information about system acti vi ty and infiltrations .

Web interface

Configura tion, admi ni strati on a nd l i cense management are offered through an i ntui tive and user-friendly Web interface.

Remote administration

The system supports ESET Remote Administrati on for mana gement in la rge computer networks.

No external libraries

The ESET Fil e Securi ty instal lation does not require external li braries or programs except for LIBC.

User-specified notification

The system can be configured to notify speci fi c users i n the event of a detected infiltration or other important events.

Low system requirements

To run effici ently, ESET Fil e Security requires j ust 16MB of hard-disk space and 32MB of RAM. It runs smoothly under the 2.2.x,

2.4.x a nd 2.6.x Linux OS kernel vers ions as well as under 5.x, 6.x FreeBSD OS kernel versions.

4

Performance and scalability

From lower-powered, smal l offi ce servers to enterprise-cla ss ISP servers wi th thousands of users, ESET Fil e Securi ty delivers
the performance and s cal ability you expect from a UNIX based s ol ution, in addition to the unequaled security of ESET products.

5

2. Terminology and abbreviations

In this section we will review the terms a nd a bbreviations used i n thi s document. Note that a boldface font is reserved for
product component names and al s o for newly defined terms and abbrevi ations. Terms a nd a bbreviations defined i n this chapter
are expanded upon later in this document.

ESETS

ES ET Security

is a standard acronym for all s ecurity products developed by ESET, spol. s r. o. for Linux, BSD and Sol ari s

operating s ystems. It is a lso the name (or i ts part) of the software package containing the products.

RSR

Abbreviation for ‘RedHat/Novell(SuSE) Ready’. Note that we also support RedHat Ready and Novell(SuSE) Ready varia tions of
the product. The RSR package di ffers from the ‘standard’ Linux version in that it meets the FHS (File-system Hierarchy Standard
defined a s a part of Linux Standa rd Bas e) criteri a required by the RedHat Ready and Novell(SuSE) Ready certi fi ca te. This means
that the RSR package is installed as an add-on application - the primary i ns tal l ation directory i s ‘/opt/eset/esets’.

ESETS daemon

The mai n ESETS system control and s ca nni ng da emon:

esets_d a emo n

.

ESETS base directory

The directory where ESETS loada bl e modules contai ni ng the virus signature databa se are stored. The abbreviation

@ BA SE D IR @

wil l be used for future references to this directory. The

@ BA SE D IR @

value for the foll owing Opera ting Systems i s

lis ted below:

Linux: /var/lib/esets
Linux RSR: /var/opt/eset/esets/lib
FreeBSD: /var/lib/esets
NetBSD: /var/lib/esets
Solaris: /var/opt/esets/lib

ESETS configuration directory

The directory where al l files related to the ESET Fil e Security configuration are stored. The abbrevia tion

@ ETCDIR @

wil l be

used for future references to this di rectory. The

@ ETCDIR @

value for the foll owing Opera ting Systems i s listed below:

Linux: /etc/esets
Linux RSR: /etc/opt/eset/esets
FreeBSD: /usr/local/etc/esets
NetBSD: /usr/pkg/etc/esets
Solaris: /etc/opt/esets

ESETS configuration file

Mai n ESET Fil e Security configura tion file. The abs olute path of the file is as foll ows:

@ETCDIR@/esets.cfg

ESETS binary files directory

The directory where the relevant ESET Fil e Securi ty bi na ry fil es are stored. The abbrevia tion

@ BIND IR@

wil l be used for future

references to thi s directory. The

@ BIND IR@

value for the foll owing Opera ting Systems i s listed below:

Linux: /usr/bin
Linux RSR: /opt/eset/esets/bin
FreeBSD: /usr/local/bin
NetBSD: /usr/pkg/bin
Solaris: /opt/esets/bin

ESETS system binary files directory

The directory where the relevant ESET Fil e Securi ty s ystem binary fi les are stored. The abbrevi ation

@ SB IN D IR@

wil l be used

for future references to this directory. The

@ SB IN D IR@

value for the foll owing Opera ting Systems i s listed below:

Linux: /usr/sbin
Linux RSR: /opt/eset/esets/sbin
FreeBSD: /usr/local/sbin
NetBSD: /usr/pkg/sbin
Solaris: /opt/esets/sbin

6

ESETS object files directory

The directory where the relevant ESET Fil e Securi ty obj ect files and l ibra ri es are stored. The abbrevia tion

@ LIBD IR @

wil l be

used for future references to this di rectory. The

@ LIBD IR @

value for the foll owing Opera ting Systems i s listed below:

Linux: /usr/lib/esets
Linux RSR: /opt/eset/esets/lib
FreeBSD: /usr/local/lib/esets
NetBSD: /usr/pkg/lib/esets
Solaris: /opt/esets/lib

7

3. Installation

After purchasing ESET Fil e Security, you wil l receive your a uthoriza tion data (us ername, pass word and l i cense key). This data
is necessary for both identifyi ng you a s our cus tomer and al lowing you to downl oad upda tes for ESET File Security. The
username/pas s word data is a lso required for downloading the ini tial i nstal lation package from our web si te. ESET Fil e Securi ty
is dis tri buted as a bi nary fi l e:

esets.i386.ext.bin

In the binary fi l e shown above,

‘ex t’

is a Linux, BSD and Sol ari s OS di s tri bution dependent suffi x, i.e., ‘deb’ for Debian, ‘rpm’ for
RedHat and SuSE, ‘tgz’ for other Linux OS distri butions , ‘fbs5.tgz’ for FreeBSD 5.x, ‘fbs6.tgz’ for FreeBSD 6.x, ‘nbs4.tgz’ for NetBSD 4.
xx a nd ‘s ol10.pkg.gz‘ for Sol a ri s 10.

Note that the Linux RSR binary file format is:

esets-rsr.i386.rpm.bin

To install or upgrade the product, use the following command:

sh ./esets.i386.ext.bin

For the Linux RSR vari ation of the product, use the command:

sh ./esets-rsr.i386.rpm.bin

to displa y the product’s User License Acceptance Agreement. Once you have confirmed the Acceptance Agreement, the
installation packa ge is pl aced i nto the current working directory a nd relevant informati on regardi ng the package’s installati on,
un-instal lati on or upgrade is displa yed ons creen.

Once the package is installed, you can verify that the main ESETS servi ce i s running by using the foll owing command:

Linux OS:

ps -C esets_daemon

BSD OS:

ps -ax | grep esets_daemon

Solaris:

ps -A | grep esets_daemon

After pressing ENTER, you should see the foll owing (or si milar) message:

PID TTY TIME CMD
2226 ? 00:00:00 esets_daemon
2229 ? 00:00:00 esets_daemon

At least two ESETS daemon process es a re running in the background. The firs t PID represents the process and threads manager
of the sys tem. The other represents the ESETS sca nni ng process.