F-Secure ANTI-VIRUS LINUX CLIENT SECURITY ADMINISTRATOR GUIDE

F-Secure Anti-Virus
Linux Client Security
Administrator’s Guide
"F-Secure" and the triangle symbol are registered trademarks of F-Secure Corporation and F-Secure product names and symbols/logos are either trademarks or registered trademarks of F-Secure Corporation. All product names referenced herein are trademarks or registered trademarks of their respective companies. F-Secure Corporation disclaims proprietary interest in the marks and names of others. Although F-Secure Corporation makes every effort to ensure that this information is accurate, F-Secure Corporation will not be liable for any errors or omission of facts contained herein. F-Secure Corporation reserves the right to modify specifications cited in this document without prior notice.
Companies, names and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of F-Secure Corporation.
This product may be covered by one or more F-Secure patents, including the following:
GB2353372 GB2366691 GB2366692 GB2366693 GB2367933 GB2368233 GB2374260
Copyright © 2007 F-Secure Corporation. All rights reserved. 12000074-07B27
Contents
Chapter 1 Introduction
1.1 Welcome
1.2 How the Product Works
1.3 Key Features and Benefits
1.4 F-Secure Anti-Virus Server and Gateway Products
Chapter 2 Deployment
2.1 Deployment on Multiple Stand-alone Linux Workstations
2.2 Deployment on Multiple Centrally Managed Linux Workstations
2.3 Central Deployment Using Image Files
Chapter 3 Installation
3.1 System Requirements
3.2 Installation Instructions
3.2.1 Stand-alone Installation
3.2.2 Centrally Managed Installation
3.3 Upgrading from a Previous Product Version
3.4 Upgrading the Evaluation Version
3.5 Replicating Software Using Image Files
3.6 Preparing for Custom Installation
3.7 Unattended Installation
3.8 Installing Command Line Scanner Only
3.9 Creating a Backup
3.10 Uninstallation
Chapter 4 Getting Started
4.1 Accessing the Web User Interface
4.2 Basics of Using F-Secure Policy Manager
4.3 Testing the Antivirus Protection
Chapter 5 User Interface - Basic Mode
5.1 Summary
5.2 Common Tasks
Chapter 6 User Interface - Advanced Mode
6.1 Alerts
6.2 Virus Protection
6.2.1 Real-Time Scanning
6.2.2 Scheduled Scanning
6.2.3 Manual Scanning
6.3 Firewall Protection
6.3.1 General Settings
6.3.2 Firewall Rules
6.3.3 Network Services
6.4 Integrity Checking
6.4.1 Known Files
6.4.2 Verify Baseline
6.4.3 Generate Baseline
6.4.4 Rootkit Prevention
6.5 General Settings
6.5.1 Communications
6.5.2 Automatic Updates
6.5.3 About
Chapter 7 Command Line Tools
7.1 Overview
7.2 Virus Protection
7.2.1 fsav
7.2.2 dbupdate
7.3 Firewall Protection
7.3.1 fsfwc
7.4 Integrity Checking
7.4.1 fsic
7.4.2 fsims
7.5 General Command Line Tools
7.5.1 fssetlanguage
7.5.2 fsma
7.5.3 fsav-config
Appendix A Installation Prerequisites
A.1 All 64-bit Distributions
A.2 Red Hat Enterprise Linux 4
A.3 Debian 3.1 and Ubuntu 5.04, 5.10, 6.06
A.4 SuSE
A.5 Turbolinux 10
Appendix B Installing Required Kernel Modules Manually
B.1 Introduction
B.2 Before Installing Required Kernel Modules
B.3 Installation Instructions
Appendix C List of Used System Resources
C.1 Overview
C.2 Installed Files
C.3 Network Resources
C.4 Memory
C.5 CPU
Appendix D Troubleshooting
D.1 User Interface
D.2 F-Secure Policy Manager
D.3 Integrity Checking
D.4 Firewall
D.5 Virus Protection
D.6 Generic Issues
Appendix E Man Pages
Technical Support
Introduction
F-Secure Online Support Resources
Web Club
Virus Descriptions on the Web
CHAPTER 1

INTRODUCTION

Welcome
How the Product Works
Key Features and Benefits
F-Secure Anti-Virus Server and Gateway Products

1.1 Welcome

Welcome to F-Secure Anti-Virus Linux Server Security. Computer viruses are one of the most harmful threats to the security of data on computers. Viruses have increased in number from just a handful a few years ago to many thousands today. While some viruses are harmless pranks, other viruses can destroy data and pose a real threat.
The product provides an integrated, out-of-the-box ready security solution with strong real-time antivirus protection and host intrusion prevention (HIPS) functionality that protects against unauthorized connection attempts from the network, unauthorized system modifications, and userspace and kernel rootkits. The solution can be easily deployed and managed using either the local graphical user interface or F-Secure Policy Manager.
F-Secure Policy Manager provides a tightly integrated infrastructure for defining and distributing security policies and monitoring the security of different applications from one central location.

1.2 How the Product Works

The product detects and prevents intrusions and protects against malware. With the default settings, workstations and servers are protected right after the installation without any time spent configuring the product.
Protection Against Malware
The product protects the system against viruses and potentially malicious files.
When a user downloads a file from the Internet, for example by clicking a link in an e-mail message, the file is scanned when the user tries to open it. If the file is infected, the product protects the system against the malware.
Real-time Scanning
Real-time scanning gives you continuous protection against viruses as files are opened, copied, and downloaded from the Web. Real-time scanning functions transparently in the background, looking for viruses whenever you access files on the hard disk, diskettes, or network drives. If you try to access an infected file, the real-time protection automatically stops the virus from executing.
Manual Scanning And Scheduled Scanning
When real-time scanning has been configured to scan only a limited set of files, you can use manual scanning to scan the full system, or scheduled scanning to scan the full system at regular intervals.
Automatic Updates
Automatic Updates keep the virus definitions up to date. The virus definition databases are updated automatically after the product has been installed. The virus definition updates are signed by the F-Secure Anti-Virus Research Team.
Host Intrusion Prevention System
The Host Intrusion Prevention System (HIPS) detects any malicious activity on the host, protecting the system on many levels.
Integrity Checking
Integrity Checking protects the system against unauthorized modifications. It is based on the concept of a known good configuration: the product should be installed before the server or workstation is connected to the network to guarantee that the system is in a known good configuration.
You can create a baseline of the system files you want to protect and block modification attempts of protected files for all users.
Firewall
The firewall component is a stateful packet filtering firewall which is based on Netfilter and Iptables. It protects computers against unauthorized connection attempts. You can use predefined security profiles which are tailored for common use cases to select the traffic you want to allow and deny.
Protection Against Unauthorized System Modifications
If an attacker gains shell access to the system and tries to add a user account in order to log in to the system later, the Host Intrusion Prevention System (HIPS) detects the modified system files and alerts the administrator.
Protection Against Userspace Rootkits
If an attacker has gained access to the system and tries to install a userspace rootkit by replacing various system utilities, HIPS detects the modified system files and alerts the administrator.
Protection Against Kernel Rootkits
If an attacker has gained access to the system and tries to install a kernel rootkit by loading a kernel module, for example through /sbin/insmod or /sbin/modprobe, HIPS detects the attempt, prevents the unknown kernel module from loading and alerts the administrator.
If an attacker has gained access to the system and tries to install a kernel rootkit by modifying the running kernel directly via /dev/kmem, HIPS detects the attempt, prevents write attempts and alerts the administrator.

1.3 Key Features and Benefits

Superior Protection against Viruses and Worms
- The product scans files on any Linux-supported file system. This is the optimum solution for computers that run several different operating systems with a multi-boot utility.
- Superior detection rate with multiple scanning engines.
- A heuristic scanning engine can detect suspicious, potentially malicious files.
- The product can be configured so that the users cannot bypass the protection.
- Files are scanned for viruses when they are opened and before they are executed.
- You can specify what files to scan, how to scan them, what action to take when malicious content is found and how to alert about the infections.
- Recursive scanning of archive files.
- Virus definition database updates are signed for security.
- Integrated firewall component with predefined security levels. Each security level comprises a set of rules that allow or deny network traffic based on the protocols used.
Transparent to End-users
- The product has an easy-to-use user interface.
- The product works totally transparently to the end users.
- Virus definition databases are updated automatically without any need for end-user intervention.
Protection of Critical System Files
- Critical information of system files is stored and automatically checked before access is allowed.
- The administrator can protect files against changes so that it is not possible to install, for example, a trojan version.
- The administrator can define that all Linux kernel modules are verified before the modules are allowed to be loaded.
- An alert is sent to the administrator when a modified system file is found.
Easy to Deploy and Administer
- The default settings apply in most systems and the product can be taken into use without any additional configuration.
- Security policies can be configured and distributed from one central location.
Extensive Alerting Options
- The product has extensive monitoring and alerting functions that can be used to notify any administrator in the company network about any infected content that has been found.
- Alerts can be forwarded to F-Secure Policy Manager Console, e-mail and syslog.

1.4 F-Secure Anti-Virus Server and Gateway Products

The F-Secure Anti-Virus product line consists of workstation, file server, mail server and gateway products.
- F-Secure Messaging Security Gateway delivers the industry's most complete and effective security for e-mail. It combines a robust, enterprise-class messaging platform with perimeter security, antispam, antivirus, secure messaging and outbound content security capabilities in an easy-to-deploy, hardened appliance.
- F-Secure Internet Gatekeeper for Linux is a high performance, totally automated web (HTTP and FTP) and e-mail (SMTP and POP) virus scanning solution for the gateway level. F-Secure Internet Gatekeeper works independently of firewall and e-mail server solutions, and does not affect their performance.
- F-Secure Internet Gatekeeper (for Windows) is a high performance, totally automated web (HTTP and FTP-over-HTTP) and e-mail (SMTP) virus scanning solution for the gateway level. F-Secure Internet Gatekeeper works independently of firewall and e-mail server solutions, and does not affect their performance.
- F-Secure Anti-Virus for Microsoft Exchange protects your Microsoft Exchange users from malicious code contained within files they receive in mail messages and documents they open from shared databases. Malicious code is also stopped in outbound messages and in notes being posted on Public Folders. The product operates transparently and scans files in the Exchange Server Information Store in real-time. Manual and scheduled scanning of user mailboxes and Public Folders is also supported.
- F-Secure Anti-Virus for MIMEsweeper provides a powerful anti-virus scanning solution that tightly integrates with Clearswift MAILsweeper and WEBsweeper products. F-Secure provides top-class anti-virus software with fast and simple integration to Clearswift MIMEsweeper for SMTP and MIMEsweeper for Web, giving the corporation the powerful combination of complete content security.
- F-Secure Anti-Virus for Citrix Servers ensures business continuity without disruptions caused by viruses and other malicious content. Citrix solutions enable businesses to improve their productivity by providing easy access to information and applications regardless of time, place and access device.
CHAPTER 2

DEPLOYMENT

Deployment on Multiple Stand-alone Linux Workstations
Deployment on Multiple Centrally Managed Linux Workstations
Central Deployment Using Image Files

2.1 Deployment on Multiple Stand-alone Linux Workstations

When the company has multiple Linux workstations deployed, but they are not managed centrally, the workstation users can install the software themselves.
- In organizations with few Linux machines, the graphical user interface can be used to manage Linux workstations instead of F-Secure Policy Manager. For more information on stand-alone installation without F-Secure Policy Manager, see “Stand-alone Installation”.
- Centrally Managed installation with F-Secure Policy Manager installed on a separate computer is recommended. In this mode, F-Secure Policy Manager is used to manage Linux workstations. For more information on Centrally Managed installation, see “Centrally Managed Installation”.
The recommended deployment method is to delegate the installation responsibility to each workstation user and then monitor the installation progress via F-Secure Policy Manager Console. After the installation on a host has completed, the host sends an autoregistration request to F-Secure Policy Manager. You can monitor with F-Secure Policy Manager Console which of the hosts have sent an autoregistration request.

2.2 Deployment on Multiple Centrally Managed Linux Workstations

When the company has multiple Linux workstations deployed and they are managed through Red Hat network, Ximian Red Carpet, or similar, the software can be pushed to workstations using the existing management framework.

2.3 Central Deployment Using Image Files

When the company has a centralized IT department that installs and maintains computers, the software can be installed centrally to all workstations.
The recommended way to deploy the products is to create an image of a Linux workstation with the product preinstalled. For instructions on how to do this, see “Replicating Software Using Image Files”.
CHAPTER 3

INSTALLATION

System Requirements
Installation Instructions
Upgrading from a Previous Product Version
Upgrading the Evaluation Version
Replicating Software Using Image Files
Preparing for Custom Installation
Creating a Backup
Uninstallation

3.1 System Requirements

Operating system:
- Novell Linux Desktop 9
- SUSE Linux 9.0, 9.1, 9.2, 9.3, 10, 10.1, 10.2
- Ubuntu 5.10 (Breezy), 6.06 (Dapper Drake)
- SUSE Linux Enterprise Server 8, 9, 10
- SUSE Linux Enterprise Desktop 10
- Red Hat Enterprise Linux 4, 3, 2.1 AS
- Miracle Linux 2.1
- Miracle Linux 3.0
- Asianux 2.0
- Turbolinux 10
- Debian 3.1
The following 64-bit (AMD64/EM64T) distributions are supported with 32-bit compatibility packages:
- SUSE Linux Enterprise Server 9, 10
- SUSE Linux Enterprise Desktop 10
- Red Hat Enterprise Linux 4
- Asianux 2.0
- Turbolinux 10
Kernel version: Linux kernel 2.4 or later (for 64-bit support, Linux kernel 2.6 or later)
Glibc version: Glibc 2.2.4 or later
Processor: Intel x86
Memory: 256 MB RAM or more
Disk space: 200 MB
Konqueror is not a supported browser with the local user interface. It is recommended to use Mozilla or Firefox browsers.
Note About Dazuko Version
The product needs the Dazuko kernel module for the real-time virus protection, integrity checking and rootkit protection. Dazuko is an open-source kernel module that provides an interface for the file access control. More information is at http://www.dazuko.org.
The product installs the Dazuko driver during the product installation. The product has been tested extensively with the Dazuko version that is included with the product. Operation with other Dazuko versions or Linux distribution provided Dazuko versions is not supported or recommended.

3.2 Installation Instructions

The following installation modes are available:
- Stand-alone installation.
  This installation mode is meant for evaluation use and for environments with few Linux workstations or servers where central administration with F-Secure Policy Manager is not necessary.
  When you install the product in stand-alone mode, you configure and manage the product with the web user interface that can be opened from the system tray, or with the http://localhost:28080/ (local) or https://<host.domain>:28082/ (remote) address.
  In addition to the user interface, the stand-alone installation creates the F-Icon and a program entry under the applications menu, and enables you to use the “right-mouse click” function.
  For installation instructions, see “Stand-alone Installation”.
- Centrally Managed installation.
  The product is installed locally, and it is managed with F-Secure Policy Manager that is installed on a separate computer.
  Centrally managed installation is the recommended installation mode when taking the product into use in a large network environment.
  For installation instructions, see “Centrally Managed Installation”.
- For information on how to install the product on multiple computers, see “Replicating Software Using Image Files”.
- For information on how to install the product in the unattended mode, which does not ask any questions during the installation, see “Unattended Installation”.
IMPORTANT: If you have some other vendor’s antivirus software installed on the computer, you must uninstall it before installing the product.

3.2.1 Stand-alone Installation

During the installation, you must have a compiler and the kernel source installed. Read the documentation of your distribution on how to check that the required tools are installed. For some common distribution-specific instructions on how to install the required tools on the computer, see “Installation Prerequisites”.
It is recommended to use the default settings during the installation. To select the default value, press ENTER to any question during the installation.
Follow these instructions to install the product in stand-alone mode. You will need to install the product using an account with root privileges.
1. Copy the installation file to your hard disk. Use the following command to extract the installation file:
    tar zxvf f-secure-linux-client-security-<version>.<build>.tgz
2. Make sure that the installation file is executable:
    chmod a+x f-secure-linux-client-security-<version>.<build>
3. Run the following command to start the installation:
    ./f-secure-linux-client-security-<version>.<build>
4. Select the language you want to use in the web user interface during the installation.
    Select language to use in Web User Interface
    [1] English (default)
    [2] Japanese
    [3] German
5. The installation displays the license agreement. If you accept the agreement, answer yes and press ENTER to continue.
6. Enter the keycode to install the full, licensed version of the product. Enter the keycode in the format you received it, including the hyphens that separate sequences of letters and digits:
If you are installing the evaluation version and do not have a keycode, press ENTER.
7. Select the Standalone installation.
8. Select whether you want to allow the remote access to the web user interface.
    Allow remote access to the web user interface? [no]
9. Select whether the web user interface can be opened from the localhost without a login.
    Allow connections from localhost to the web user interface without login? [yes]
10. Enter the user name who is allowed to access the web user interface.
    Please enter the user name who is allowed to use the web user interface.
The user name is a local Linux account. You have to create the account if it does not exist yet. Do not use the root account for this purpose.
11. Select whether you want to add currently installed kernel modules to the Integrity Checker known files list and generate the baseline. For more information, see “Generate Baseline”.
    Would you like to enable Linux kernel module verification [yes]?
12. Enter the baseline passphrase. For more information, see “Passphrase”.
    Please insert passphrase for HMAC creation (max 80 characters)
13. The installation is complete.
After the installation is complete, you can start the F-icon systray applet with the fsui command.
For information on how to access the web user interface and to see that the virus protection is working, see “Getting Started”.

3.2.2 Centrally Managed Installation

During the installation, you must have a compiler and the kernel source installed. Read the documentation of your distribution on how to check that the required tools are installed. For some common distribution-specific instructions on how to install the required tools on the computer, see “Installation Prerequisites”.
When you install the product in centrally managed mode, you must first have F-Secure Policy Manager installed on a separate computer. For F-Secure Policy Manager Console installation instructions, see the F-Secure Policy Manager Administrator’s Guide.
IMPORTANT: Before you start the installation, you have to copy the admin.pub key from F-Secure Policy Manager to the computer where you will install the product. You can do this by using, for example, scp, sftp or any removable media. By default the installation script assumes that the admin.pub key is located in the /root directory.
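The checks below cover the requirements stated in sections 3.1 and 3.2 (root privileges, Intel x86 processor, kernel and glibc versions, compiler and kernel source, and the admin.pub key for a centrally managed installation) and can be run before either installation mode. This is an added example, not part of the F-Secure guide or its installer; the function names are illustrative, and using /lib/modules/<release>/build to detect the kernel source is an assumption about the distribution's layout.

```sh
#!/bin/sh
# Added example, not part of the F-Secure guide: pre-installation checks taken
# from sections 3.1 and 3.2. All function names are this example's own.

# version_ge A B: succeed when dotted version A >= B, compared field by field.
# Text after the leading digits and dots is ignored ("2.6.9-5.EL" -> "2.6.9").
version_ge() {
    a=$(printf '%s' "$1" | sed 's/[^0-9.].*$//')
    b=$(printf '%s' "$2" | sed 's/[^0-9.].*$//')
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "$a" = "$x" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$y" ]; then b=""; else b=${b#*.}; fi
        x=${x:-0}; y=${y:-0}
        if [ "$x" -gt "$y" ]; then return 0; fi
        if [ "$x" -lt "$y" ]; then return 1; fi
    done
    return 0
}

# kernel_ok RELEASE MACHINE: Intel x86 with kernel 2.4 or later, or
# 64-bit (AMD64/EM64T) with kernel 2.6 or later. Other CPUs fail.
kernel_ok() {
    case $2 in
        i[3-6]86) version_ge "$1" 2.4 ;;
        x86_64)   version_ge "$1" 2.6 ;;
        *)        return 1 ;;
    esac
}

# glibc_ok "glibc 2.3.4": argument is the output of `getconf GNU_LIBC_VERSION`.
glibc_ok() {
    version_ge "${1#glibc }" 2.2.4
}

# build_tools_ok: a C compiler in PATH and a kernel build tree for the running
# kernel. The /lib/modules/<release>/build location is an assumption.
build_tools_ok() {
    { command -v gcc >/dev/null 2>&1 || command -v cc >/dev/null 2>&1; } &&
        [ -d "/lib/modules/$(uname -r)/build" ]
}

# admin_pub_ok PATH: the key copied from F-Secure Policy Manager must be a
# readable, non-empty regular file before a centrally managed installation.
admin_pub_ok() {
    [ -f "$1" ] && [ -r "$1" ] && [ -s "$1" ]
}

# check DESCRIPTION COMMAND...: run one check, print the result, count failures.
check() {
    desc=$1; shift
    if "$@"; then
        echo "ok    $desc"
    else
        echo "FAIL  $desc"
        failed=$((failed + 1))
    fi
}

# preflight MODE [ADMIN_PUB]: MODE is "standalone" or "managed".
# Returns the number of failed checks (0 means ready to install).
preflight() {
    mode=$1; key=${2:-/root/admin.pub}; failed=0
    check "running with root privileges" test "$(id -u)" -eq 0
    check "supported processor and kernel version" kernel_ok "$(uname -r)" "$(uname -m)"
    check "glibc 2.2.4 or later" glibc_ok "$(getconf GNU_LIBC_VERSION 2>/dev/null)"
    check "compiler and kernel source installed" build_tools_ok
    if [ "$mode" = managed ]; then
        check "admin.pub present at $key" admin_pub_ok "$key"
    fi
    return "$failed"
}

# Runs only when a mode is given on the command line.
case ${1:-} in
    standalone|managed) preflight "$@"; exit $? ;;
esac
```

Saved under any file name, the script takes the mode as its first argument and, for a centrally managed installation, the admin.pub location as the second (default /root/admin.pub). The exit status is the number of failed checks.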
Follow the instructions below to install the product in centrally managed mode. You will need to install the product using an account with root privileges.
1. Copy the installation file to your hard disk. Use the following
command to extract the installation file:
tar zxvf f-secure-linux-client-security-<version>.<build>.tgz
2. Make sure that the installation file is executable:
22
chmod a+x f-secure-linux-client-security-<version>.<build>
3. Run the following command to start the installation:
./f-secure-linux-client-security-<version>.<build>
The setup script will display some questions. The default value is shown in brackets after the question. Press
ENTER to select the
default value.
4. Select the language you want to use in the web user interface during the installation.
Select language to use in Web User Interface [1] English (default) [2] Japanese [3] German
5. The installation displays the license agreement. If you accept the agreement, answer
yes and press ENTER to continue.
6. Enter the keycode to install the full, licensed version of the product. Enter the keycode in the format you received it, including the hyphens that separate sequences of letters and digits:
If you are installing the evaluation version and do not have a keycode, press
ENTER.
7. Type
C to select the centrally managed installation.
8. Enter the address of the F-Secure Policy Manager Server.
Address of F-Secure Policy Manager Server: [http://localhost/]:
9. Enter the location of the admin.pub key. This is the key that you created during F-Secure Policy Manager Console Installation.
Give the admin.pub file location [/root/admin.pub]:
You can use the TAB key to complete directory and file names when you enter the file name.
10. Select whether you want to allow remote access to the web user interface.
Allow remote access to the web user interface? [no]
11. Select whether the web user interface can be opened from the localhost without a login.
Allow connections from localhost to the web user interface without login? [yes]
12. Enter the name of the user who is allowed to use the web user interface.
Please enter the user name who is allowed to use the web user interface.
The user name is a local Linux account. You have to create the account if it does not exist yet. Do not use the root account for this purpose.
13. Select whether you want to add the currently installed kernel modules to the Integrity Checker known files list and generate the baseline. For more information, see “Generate Baseline”, 61.
Would you like to enable Linux kernel module verification [yes]?
14. Enter the baseline passphrase. For more information, see “Passphrase”, 62.
Please insert passphrase for HMAC creation (max 80 characters)
15. The installation is complete.
16. Install the included upgrade for F-Secure Policy Manager Console.
a. Select Installation Packages in the Tools menu.
b. Select to import the fsav_linux_*_mib.jar file.
17. The product receives the policy file from the F-Secure Policy Manager within 10 minutes after the installation. If you do not want to wait for the policy file, run the following command:
/etc/init.d/fsma fetch
After the installation is complete, you can start the F-icon systray applet with the fsui command.
For information on how to access the web user interface and check that the virus protection is working, see “Getting Started”, 31.

3.3 Upgrading from a Previous Product Version

If you are running version 5.20 or later, you can install the new version without uninstalling the previous version.
If you have an earlier version, upgrade it to 5.20 first, or uninstall it before you install the latest version. The uninstallation preserves all settings and the host identity, so you do not need to import the host to the F-Secure Policy Manager again. For more information, see “Uninstalling Earlier Version”, 25.
The product upgrade asks for the keycode you have received with the new version. If you are running an earlier version in the evaluation mode, you have to provide a valid keycode for the new version during the upgrade.
If you are running an earlier version in the evaluation mode and you want to evaluate the latest version, you have to uninstall the earlier version first. You can install the latest version in the evaluation mode during the clean install.
If you do not have a valid keycode during the upgrade, press CTRL-C to abort the upgrade. The installer uninstalls the product and you can make a clean install.
Manual scanning, scheduled scanning and database update settings have changed in version 5.30 and later. If you have modified these settings before the upgrade, you have to make the same modifications again after the upgrade.
Note that the upgrade deletes all alerts generated with the earlier version.
Upgrading from F-Secure Anti-Virus 4.65
You can upgrade version 4.65 to a command line only installation of version 5.52 by running the installer normally. Your old configuration file will be stored as /opt/f-secure/fsav/migration/fsav4.conf. For more information, see “Installation Instructions”, 18.
If you want to upgrade version 4.65 to the full 5.52 version, uninstall the old version first and run the 5.52 installer normally. For more information, see “Uninstalling Earlier Version”, 25.
Uninstalling Earlier Version
If you have version 5.x, run the following command from the command line to uninstall it:
/opt/f-secure/fsav/bin/uninstall-fsav
If you have version 4.x, remove the following directories and files to uninstall it:
/opt/f-secure/fsav/
/var/opt/f-secure/fsav/
/etc/opt/f-secure/fsav/
/usr/bin/fsav
/usr/share/man/man1/fsav.1
/usr/share/man/man5/fsav.conf.5
/usr/share/man/man5/fsavd.conf.5
/usr/share/man/man8/dbupdate.8
/usr/share/man/man8/fsavd.8
/usr/share/man/man8/fsavschedule.8

3.4 Upgrading the Evaluation Version

If you want to upgrade the evaluation version to the full, licensed version of the product, run the installation as normal. The upgrade script notices the evaluation version and upgrades the packages.
Enter the keycode to upgrade to the licensed version of the product. Enter the keycode in the format you received it, including the hyphens that separate sequences of letters and digits.
If the evaluation period has expired, uninstall the current installation first. For more information, see “Uninstallation”, 30.

3.5 Replicating Software Using Image Files

If you are going to install the product on several computers, you can create a disk image file that includes the product and use this image to replicate the software on the computers. Make sure that each computer on which the software is installed will create a new unique identification code.
Follow these steps to make sure that each computer uses a personalized Unique ID when a disk imaging software is used:
1. Install the system and all the software that should be in the image file, including the product.
2. Configure the product to use the correct F-Secure Policy Manager Server. However, do not import the host to F-Secure Policy Manager Console if the host has sent an autoregistration request to the F-Secure Policy Manager Server. Only hosts on which the image file will be installed should be imported.
3. Run the following command:
/etc/init.d/fsma clearuid
The utility program resets the Unique ID in the product installation.
4. Shut down the computer and do not restart the computer before the image file has been created.
5. Create the disk image file.
A new Unique ID is created automatically when the system is restarted. This will happen individually on each machine where the image file is installed. These machines will send autoregistration requests to F-Secure Policy Manager and the request can be processed normally.

3.6 Preparing for Custom Installation

The product installation package is a self extracting package, which contains the software as RPMs. If there is a need to create a custom installation package, the RPMs can be extracted from the package as follows:
1. Type the following command:
./f-secure-linux-client-security-<version>.<build> rpm
2. Install RPM packages.
IMPORTANT: The /opt/f-secure/fsav/fsav-config script must be executed after the RPMs have been installed, otherwise the product will not operate.

3.7 Unattended Installation

You can install the product in the unattended mode. In unattended mode, you provide all the information on the installer command line (or fsav-config command line, if you install from RPM packages). The unattended installation mode asks no questions during the installation. Use the following command line switch during the installation:
--auto MODE [fspms=FSPMSURL adminkey=/PATH/TO/ADMIN.PUB] lang=en|de|ja [no]remotewui [no]locallogin user=USER kernelverify|nokernelverify pass=PASSPHRASE keycode=KEYCODE
Where MODE is standalone for the standalone installation or managed for the centrally managed installation.
If MODE is managed, you have to provide the URL to F-Secure Policy Manager Server and the location of the administrator public key, for example:
fspms=http://fspms.company.com/ adminkey=/root/admin.pub
Use the following options in the command line:
lang              Select the language for the web user interface.
remotewui         Allow remote access to the web user interface.
noremotewui       Do not allow remote access to the web user interface.
nolocallogin      Allow local access to the web user interface without login.
locallogin        Require login for the local access to the web user interface.
user=USER         Specify the local account to use for the web user interface login.
kernelverify      Turn on the kernel module verification.
nokernelverify    Turn off the kernel module verification.
pass=PASS         Specify the passphrase for the baseline generation.
keycode=KEYCODE   Specify the keycode for license checks. If no keycode is provided, the product is installed in the evaluation mode.
For example, to install the product in standalone mode with English web user interface, with no remote access to user interface and not requiring login for local user interface access and not using kernel module verification:
./f-secure-linux-client-security-<version>.<build> --auto standalone lang=en noremotewui nolocallogin nokernelverify
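The following shell helper is an added example, not part of the F-Secure guide or installer. It checks the settings against the constraints stated in this chapter (MODE and lang values, a non-root web user interface account, the 80-character passphrase limit, a readable admin.pub for managed mode) before assembling the --auto arguments. The function name build_auto_args and the fixed choice of noremotewui, locallogin and kernelverify are assumptions of this example.

```shell
#!/bin/sh
# build_auto_args: hypothetical helper (not part of the F-Secure installer).
# Validates the settings and prints the --auto arguments one per line, so
# values that contain spaces stay intact.
# usage: build_auto_args MODE LANG USER PASSPHRASE [FSPMSURL ADMINKEY [KEYCODE]]
build_auto_args() {
    mode=$1; lang=$2; user=$3; pass=$4
    fspms=${5:-}; adminkey=${6:-}; keycode=${7:-}

    case $mode in
        standalone) ;;
        managed)
            # Managed mode needs the server URL and the administrator public key.
            [ -n "$fspms" ] || { echo "managed mode needs FSPMSURL" >&2; return 1; }
            [ -r "$adminkey" ] || { echo "cannot read $adminkey" >&2; return 1; }
            ;;
        *) echo "MODE must be standalone or managed" >&2; return 1 ;;
    esac
    case $lang in
        en|de|ja) ;;
        *) echo "lang must be en, de or ja" >&2; return 1 ;;
    esac
    # The guide says not to use the root account for the web user interface.
    if [ -z "$user" ] || [ "$user" = root ]; then
        echo "user must be a non-root local account" >&2; return 1
    fi
    # The installer prompt limits the passphrase to 80 characters.
    if [ -z "$pass" ] || [ "${#pass}" -gt 80 ]; then
        echo "passphrase must be 1 to 80 characters" >&2; return 1
    fi

    printf '%s\n' --auto "$mode"
    if [ "$mode" = managed ]; then
        printf '%s\n' "fspms=$fspms" "adminkey=$adminkey"
    fi
    # This example's choices: no remote web UI, login required for local
    # access, kernel module verification on.
    printf '%s\n' "lang=$lang" noremotewui locallogin "user=$user" \
        kernelverify "pass=$pass"
    if [ -n "$keycode" ]; then
        printf '%s\n' "keycode=$keycode"
    fi
    return 0
}
```

Values passed as pass= and keycode= are visible in the process list and in shell history while the installer runs.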

3.8 Installing Command Line Scanner Only

The command line only installation installs only the command line scanner and the automatic update agent. The installation mode is designed for users migrating from F-Secure Anti-Virus for Linux 4.6x series and for users who do not need the real-time protection, integrity checking, web user interface or central management, for example users running AMaViS mail virus scanner.
Use the following command line when running the installer to install the command line scanner only version of the product:
./f-secure-linux-server-security-<version>.<build> --command-line-only