we protect digital worlds
NOD32 for Linux/BSD File Server
Installation Manual and User’s documentation
NOD32 for Linux/BSD File Server, First Edition
Published on 6th December 2006
Copyright © 2006 Eset, s.r.o.
NOD32 for Linux/BSD File Server was developed by Eset, s.r.o. For more information visit www.nod32.com.sg.
All rights reserved. No part of this documentation may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, without permission in writing from the author.
Eset, s.r.o.
Chapter 1: Introduction
Dear user, you have acquired NOD32 for Linux/BSD File Server - NOD32LFS/NOD32BFS - probably the best antivirus system running under the Linux/BSD OS. As you will soon find out, the system, using the state-of-the-art NOD32 scanning engine, has unsurpassed scanning speed and detection rate, combined with a very small footprint that makes it the ideal choice for any Linux/BSD OS server. In the rest of this chapter we review the key features of the system.
Chapter 2: Installation
This product is distributed as a binary file. Its format for Linux OS is:
    nod32ls.i386.ext.bin
where ’ext’ is a Linux OS distribution dependent suffix, i.e. ’deb’ for the Debian Linux OS distribution, ’rpm’ for the RedHat and SuSE Linux OS distributions, and ’tgz’ for other Linux OS distributions. Note that we also support the RedHat Ready and Novell (SuSE) Ready variation of the product. The RedHat and Novell (SuSE) Ready variation of the binary file format is:
    nod32ls-rsr.i386.rpm
Chapter 3: Product’s Roadmap
Once the product package has been successfully installed, it is time to become familiar with its content. The structure of NOD32LFS/NOD32BFS is shown in Figure 3-1. The system is composed of the following components.
Figure 3-1. Structure of NOD32LFS/NOD32BFS. [Figure labels: AGENTS, nod32dac, CORE, nod32d, libnod32.so, nod32.00X, libnod32pac.so, nod32, CONFIGURATION, nod32.]
Note that in the case of the RedHat Ready and Novell (SuSE) Ready variation of the NOD32 for Linux Mail Server, the configuration and authorization directory is
    /etc/opt/eset/nod32
The directory consists of the following files.
nod32.cfg
This is the most important configuration file, as it maintains the major part of the product functionality. For this reason the file is further referred to as ‘main configuration file’ or ‘main NOD32 configuration file’.
Chapter 4: Integration with Linux/BSD File System
This chapter describes the process of configuring the NOD32LFS/NOD32BFS system to provide efficient protection of file systems from virus and worm infections by using on-demand and on-access scanning techniques. NOD32 for Linux/BSD File Server is composed of the so-called on-demand scanner ‘nod32’ and the so-called on-access scanner ’nod32dac’. The Linux version of the product also implements an additional on-access scanning technique using the preload library module ’libnod32pac.so’.
of the NOD32LFS/NOD32BFS product and thus it must be compiled and installed into the kernel prior to the initialization of the NOD32 on-access scanner (nod32dac daemon). On the other hand, the Dazuko technique makes on-access scanning independent of the file system type used. It is also suitable for controlling file system objects via Network File System (NFS), Netatalk and Samba.
4.2.1.2. Installation and configuration
As already discussed, the so-called Dazuko kernel module has to be compiled and installed within the running kernel prior to any ‘nod32dac’ initialization. Note that the following text contains only a brief description of the Dazuko kernel module installation. It is therefore highly recommended to read the Dazuko how-to-install documentation (see http://www.dazuko.org/howto-install.shtml) in order to compile and load the Dazuko module into the kernel properly.
    /sbin/kldstat
In all cases there should be Dazuko listed in the output of these commands. Unless the device node is created automatically, create it with:
    mknod -m 600 /dev/dazuko c $(grep dazuko /proc/devices | sed "s/ .*//") 0
    chown root:root /dev/dazuko
or, in BSD OS, by using the command
    mknod /dev/dazuko c 33 0
Read and edit the [global] and [dac] sections of the NOD32 main configuration file.
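An added example, not part of the NOD32 manual: a shell audit of the device node that the mknod and chown commands above create. It assumes Linux with GNU stat; the function names and the sample /proc/devices text are constructed for illustration, and the parser uses awk because the sed expression in the mknod line yields an empty major when the kernel pads a major below 100 with a leading space.

```sh
#!/bin/sh
# Added example, not from the NOD32 manual: audit the Dazuko device node.

# Constructed sample in /proc/devices layout. The kernel right-aligns the
# major in a 3-character field, so majors below 100 begin with a space.
SAMPLE_DEVICES='Character devices:
  1 mem
 60 dazuko
136 pts'

# Extraction as written in the manual's mknod line (reads stdin).
manual_major() { grep dazuko | sed "s/ .*//"; }

# Whitespace-tolerant extraction (reads stdin or a file argument).
# Fails when there is no dazuko entry, i.e. the module is not loaded.
dazuko_major() {
    awk '$2 == "dazuko" { print $1; found = 1; exit } END { exit !found }' "$@"
}

# Compare node attributes with what the manual's commands produce.
# Arguments: file-type mode owner:group major registered-major
check_node() {
    [ "$1" = "character special file" ] || { echo "not a character device"; return 1; }
    [ "$2" = "600" ] || { echo "mode $2, expected 600"; return 1; }
    [ "$3" = "root:root" ] || { echo "owner $3, expected root:root"; return 1; }
    [ "$4" = "$5" ] || { echo "major $4, registered $5"; return 1; }
    echo "ok"
}

# Live check (assumes Linux /proc and GNU stat; %t is the major in hex).
verify_live() {
    node=${1:-/dev/dazuko}
    want=$(dazuko_major /proc/devices) || { echo "dazuko not registered"; return 1; }
    out=$(stat -c '%F|%a|%U:%G|%t' "$node") || return 1
    IFS='|' read -r ftype mode owner hexmaj <<EOF
$out
EOF
    check_node "$ftype" "$mode" "$owner" "$((0x$hexmaj))" "$want"
}

echo "sample major: $(printf '%s\n' "$SAMPLE_DEVICES" | dazuko_major)"
```

Run verify_live as root on the server after loading the module; any output other than "ok" names the attribute that differs from the documented setup.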
4.2.2.1. Operation principle
The on-access scanner ‘libnod32pac.so’ (NOD32 Preload library based file Access Controller) is a shared object library that is used as a preload library of LIBC and can become functional during system start-up. It is thus applicable to file system servers that use LIBC calls, for instance an ftp server, a Samba server, etc. Scanning of each file system object is performed upon a customizable file access event of the user and/or operating system.
responsible for initialization of smbd daemon by the following line
    LD_PRELOAD=/usr/lib/libnod32pac.so daemon /usr/sbin/smbd $SMBDOPTIONS
In this manner selected file system objects controlled by Samba will be checked immediately after Samba initialization, i.e. during the system start-up.
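An added example, not part of the NOD32 manual: a shell check that a running smbd really has the preload library from the line above mapped, since a daemon started without that LD_PRELOAD setting runs unscanned. It assumes Linux /proc and pgrep; the function names and the sample maps text are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the NOD32 manual: confirm that a running daemon
# loaded the preload library named in its init script line.

LIB=/usr/lib/libnod32pac.so   # path from the manual's LD_PRELOAD line

# Constructed sample in /proc/<pid>/maps layout.
SAMPLE_MAPS='00400000-00a00000 r-xp 00000000 08:01 1311 /usr/sbin/smbd
b7e00000-b7e20000 r-xp 00000000 08:01 2210 /usr/lib/libnod32pac.so
b7f00000-b7f10000 rw-p 00000000 00:00 0 [heap]'

# Succeeds when the library path is the mapped file (last field) of any
# line read from stdin. Exact comparison avoids matching look-alike names.
maps_has_lib() {
    awk -v lib="$1" '$NF == lib { found = 1 } END { exit !found }'
}

# Print the LD_PRELOAD value from a NUL-separated environment block on stdin.
environ_preload() {
    tr '\0' '\n' | sed -n 's/^LD_PRELOAD=//p'
}

# Live check of every smbd process (assumes Linux /proc and pgrep; run as root).
check_smbd() {
    for pid in $(pgrep -x smbd); do
        if maps_has_lib "$LIB" < "/proc/$pid/maps"; then
            echo "$pid: library mapped"
        else
            echo "$pid: library NOT mapped (LD_PRELOAD='$(environ_preload < "/proc/$pid/environ")')"
        fi
    done
}

printf '%s\n' "$SAMPLE_MAPS" | maps_has_lib "$LIB" && echo "sample: library mapped"
```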
Chapter 5: Important NOD32LFS/NOD32BFS Mechanisms
5.1. User Specific Configuration
The User Specific Configuration mechanism is implemented in the product in order to provide the user with enhanced configuration functionality. It allows NOD32 anti-virus scanner parameters to be defined selectively for the user accessing file system objects. Please note that a detailed description of this functionality can be found in the nod32.cfg(5) manual page and the manual pages referenced there.
configuration option (‘av_enabled’). For detailed information on these configuration options, please refer to the nod32.cfg(5) manual page.
Figure 5-1. Scheme of Handle Object Policy mechanism.
Chapter 6: NOD32 system update and maintenance
6.1. Basic concept of NOD32 system update
In order to keep the anti-virus system effective, it is necessary to keep the NOD32 virus signatures database up to date. The nod32update utility has been developed for this purpose. For details on the operation of the utility, read the nod32update(8) manual page. The basic concept of the NOD32 system update consists of two parts.
6.1.1.
module (nod32.005) and ThreatSense.NET support module (nod32.006) in the directory:
    /var/lib/nod32
or, in the RedHat Ready and Novell (SuSE) Ready variation of the product, in the following target directory:
    /var/opt/eset/nod32/lib
Note that the above directory is exactly the NOD32 base directory from which the main NOD32 daemon loads NOD32 modules.
6.2.
Chapter 7: Let us know
Dear user, this guide should have given you a good knowledge of the product installation, configuration and maintenance. However, writing documentation is a process that is never finished. There will always be some parts that can be explained better or are not even explained at all. Therefore, if you find bugs or inconsistencies within this documentation, please report the problem to our support center http://www.nod32.com.