Page 1
w e p r o t e c t d i g i t a l w o r l d s
ESET NOD32 Antivirus
for Novell Netware Server
Installation
Page 2
Copyr ight © Eset, spol. s r. o.
All rights reser ved.
No p art of this docume nt may be repro duced or tran smitte d
in a ny form or by any me ans ele ctroni c or m echani cal, fo r
any p urpose witho ut the express writt en perm ission of
Eset, spol. s r. o. Infor mation in thi s docu ment is subje ct to
chan ge with out pr ior no tice.
Cert ain na mes of program produc ts an d compa ny nam es
used in thi s
docu ment mi ght be regist ered tr ademark s or t rademar ks
owned by ot her ent ities.
Eset, NOD32 and AM ON are tradem arks o f Eset, spol. s r. o.
Micro soft a nd Window s are r egister ed trad emarks of
Micro soft Co rporat ion.
Eset , spol. s r. o.
Svora dova 1, 811 0 3 Brati slava, Slovak Republ ic
http ://ww w.eset.s k/en
Techni cal Su pport Wo rldwide :
http ://ww w.eset.co m/supp ort
Techni cal Su pport for Eur ope:
http ://ww w.eset.e u/suppo rt
REV.20 071116 -002
2
ESET NOD32 A ntiviru s for No vell Ne tware Se rver
Page 3
1. Introduction
This User Guide describes the usage of ESET NOD32
Antivirus for Novell Netware Ser ver (or just ESET NOD32
Antivirus for Novell), namely:
– installation of the product,
– conguration of individual modules,
– updating of the product.
ESET NOD32 Antivirus for Novell consists of the following NLM modules:
– AMON.NLM – on-access scanner, which automatically
scans les accessed from the network or locally, or -
les saved to the server.
– NOD32.NLM – on- demand scanner, which can be di-
rected to scan certain groups of les on the disk (usu-
ally folders, volumes, or the whole hard disk). In this
case, it is only a single action – after it is completed,
the NOD32.NLM module is removed from memory.
– NOD32UP2.NLM – module providing a virus signatu-
re database update for the modules AMON.NLM and
NOD32.NLM.
2. Installation
Create a directory named, for example NOD32, on volume SYS: and copy les from the installation packages
for the ESET NOD32 Antivirus for Novell into it. It is recommended to enable automatic star tup of AMON.NLM and
NOD32.NLM after each start of the server. We recommend
enabling the startup using the system le AUTOEXEC.NCF
with these commands:
LOAD SYS:/NOD32/AMON
LOAD SYS:/NOD32/NOD32UPD [parameters]
Individual parameters are described in the following
chapters. In the case of the module AMON, it is recommended to provide accessibility of the le AMON.CFG,
which will transfer conguration to AMON at startup.
and insert the following into it:
recipient=network_administrator_login
notify
clean
delete
log
Then load AMON - memory-resident monitor using
the following command on the Novell system console:
LOAD SYS:/NOD32/AMON.NLM
With the above mentioned setting, AMON will send
information about inltrations to the user net work_administrator_login, but also to a user, who manipulated
with the infected le (parameter notify). At the same
time, AMON will attempt to clean the infected le, and if
it is not possible, the le will be deleted.
Next, it is required to provide updates for ESET NOD32
Antivirus for Novell. This product does not download virus
updates from Internet update servers, but it uses a mirror
directory created for example by NOD32 for Windows Professional Edition. The mirror directory must be located on
the same hard disk as the installation of ESET NOD32 Antivirus for Novell (let us assume it is located in SYS:/PUBLIC/
MIRROR). To congure the mirror correctly, run this command on the console to set up and launch the NOD32UP2.
NLM module:
LOAD SYS:/NOD32/NOD32UP2.NLM SYS:/PUBLIC/MIRROR/
-update -period=60
Now ESET NOD32 Antivirus for Novell will be updated
from the mirror directory SYS:/PUBLIC/MIRROR every hour
(parameter -period=60).
It is recommended to enable automatic startup of
AMON.NLM and NOD32UP2.NLM at each ser ver startup
using system le AUTOEXEC.NCF.
3. Modules
AMON.NLM
Quick guide through the complete
installation
Extract the installation package. eg: into volume SYS:/
NOD32. Also, it is recommended to create le AMON.CFG
ESET NOD32 A ntiviru s for No vell Ne tware Se rver
To load AMON, use the following command on the system console:
LOAD SYS:/NOD32/AMON
To unload AMON from memory, use the following command:
UNLOAD AMON
3
Page 4
AMON.CFG
If there is present the le AMON.CFG in the directory
with the module AMON.NLM, conguration from AMON.
CFG will be transferred to AMON at its startup.
Syntax of the le AMON.CFG is as follows (each line
may contain one of the following switches one switch
per line):
onread+ (default setting)
Files will be tested in a moment when a command to
open/read is detected.
The opposite switch is: onread-
onwrite+ (default setting)
Files are tested at the moment when a command to
create/modify is detected.
The opposite switch is: onwrite-
onrename+ (default setting)
Files are tested at the moment when a command to
rename is detected.
The opposite switch is: onrename-
all (default setting)
All les are tested. O therwise, if the parameter all-
is used, only extensions dened by the Eset Compa-
ny are tested.
notify
When an inltration is detected, AMON sends a mes-
sage to the user who attempted to access the infected
le (using the NetWare Message PopUp Service).
recipient=user1, user2 ...
When an inltration is detected, AMON sends a mes-
sage to all users in the list. It is possible to list more
users – in this case, use commas to delimit them –
see the example above.
Other parameters:
pattern
log
logappend
logrewrite
clean
rename
delete
heur
heursafe
heurstd
heurdeep
These switches are identical to those used in module
NOD32.NLM. They are described below (when entering parameters, always omit the hyphen).
NOD32.NLM
To run the NOD32 diagnostic scan or clean, enter the com-
mand as follows:
LOAD SYS:/NOD32/NOD32 [parameters] [path list]
If [path list] is not entered, NOD32 will automatically scan
whole disk.
Parameters:
-? -h -help
Displays list of parameters with descriptions.
-subdir+ (default setting)
Enables testing of subdirectories.
The opposite switch is: -subdir-
-pack+
Enables testing of internally compressed les.
The opposite switch is: -pack- (default setting)
-arch+
Enables testing of archives (ZIP, RAR, ARJ...).
The opposite switch is: -arch- (default setting)
-pattern+ (default setting – recommended)
Enables testing using virus signatures.
The opposite switch is: -pattern-
-heur+ (default setting – recommended)
Enables detection using a heuristics method.
The opposite switch is: -heur-
There are three levels of heuristics analysis sensitivi-
ty:
-heursafe
-heurstd (default setting – recommended)
-heurdeep
Actions to take after an inltration is found can be
modied with the following parameters. The parameters can be suitably combined with each other. For example, parameters -clean -delete provide that an infec ted
le, which cannot be cleaned, will be deleted. In case of
the module AMON.NLM, not using any of the three fol-
4
ESET NOD32 A ntiviru s for No vell Ne tware Se rver
Page 5
lowing parameters will result only in blocking access to
infected les.
-clean
Automatically cleans infected les.
-rename
Renames infected les.
-delete
Deletes infected les.
-prompt (not available for AMON.NLM)
Displays a dialog window individually on every infected le.
-log+ (default setting)
Enables logging to le (le NOD32.LOG, or AMON.
LOG).
The opposite switch is: -log-
Log maintenance:
-logappend (default setting)
New information is attached to the end of existing
log le.
-logrewrite
Logle will be deleted with each module’s startup.
-log=<lename>
Use this parameter to create your own log le.
Other parameters:
-list+
Enables listing of all scanned objects.
The opposite switch is: -list- (default setting)
The syntax is as follows:
LOAD SYS:/NOD32/NOD32UP2 mirror_directory [folder_
with_NLM_modules] [parameters]
Only mirror_directory, or a path to the mirror folder is
required. This folder will provide update les for the
modules NOD32.NLM and AMON.NLM.
[directory_with_NLM_modules] is optional in case
the le NOD32UP2.NLM is located in the directory together with les NOD32.NLM and AMON.NLM.
Possible parameters:
-update
Provides NOD32 updates (other wise, available updates will be displayed only).
-period=n
This parameter triggers update attempts every n minutes. We recommend updating every hour (-peri-
od=60).
-show_retvals
Use of this parameter returns all possible return values with brief comments.
-help
Will list all parameters with brief comments.
Special parameters:
-no_signature
This parameter can be used to avoid error No. 107. The
error means that update les have an invalid digital
signature.
Conguration – a practical example:
LOAD SYS:/NOD32/NOD32 -pack+ -arch+ -clean -delete
(Control of the whole disk including internally compressed les and archives. In case an inltration is found, a le will be cleaned or deleted.)
NOD32UP2.NLM
This product does not download virus updates direc tly
from Internet update servers, but it uses a mirror directory
created, for example, by ESET NOD32 Antivirus 2.7 Mirror
Server (LAN Update Server). The mirror directory must be
located on the same hard disk as the installation of ESET
NOD32 Antivirus for Novell.
ESET NOD32 A ntiviru s for No vell Ne tware Se rver
Update - a practical example:
LOAD SYS:/NOD32/NOD32UP2.NLM SYS:/PUBLIC/MIRROR/
-update -period=60
(The modules AMON.NLM and NOD32.NLM will be
updated every hour from the mirror directory: SYS:/
PUBLIC/MIRROR/).
5
Loading...