130 lines
3.2 KiB
Markdown
130 lines
3.2 KiB
Markdown
---
|
|
categories: system
|
|
title: Howto ESET Antivirus
|
|
...
|
|
|
|
# Antivirus fichiers (File Security)
|
|
|
|
* Documentation : <https://help.eset.com/efs/4/en-US/>
|
|
|
|
~~~
|
|
To COMPLETE INSTALLATION or UPDATE the Product:
|
|
* Import the license file: /opt/eset/esets/sbin/esets_lic --import file.lic
|
|
* Enter acquired username/password information into the global section
|
|
of main configuration file /etc/opt/eset/esets/esets.cfg
|
|
* Start main daemon service: /etc/init.d/esets start
|
|
|
|
To UNINSTALL the Product:
|
|
* Uninstall the package: dpkg --purge esets
|
|
|
|
To KEEP your KNOWLEDGE Up-To-Date:
|
|
* Read the User's Guide in /opt/eset/esets/share/doc.
|
|
* Read manual page esets.cfg(5) (use 'man esets.cfg').
|
|
|
|
To REPORT Bugs or Problems:
|
|
* Please, visit: www.eset.com/support
|
|
~~~
|
|
|
|
Pour lancer un scan :
|
|
|
|
~~~
|
|
/opt/eset/esets/sbin/esets_scan --no-symlink --no-quarantine --clean-mode=none /home
|
|
~~~
|
|
|
|
# Antivirus Mail (Mail Security)
|
|
|
|
* Documentation : <https://help.eset.com/ems_linux/4/en-US/>
|
|
* Téléchargement : <https://www.eset.com/us/business/server-antivirus/mail-security-linux/download/> (Nécessite login/pass).
|
|
|
|
L'installation consiste a exécuter une archive auto-extractible qui contient un .deb. Une fois installé, le logiciel ESETS réside dans `/opt/esets`.
|
|
|
|
Pour activer la mise à jour des signatures antivirus il faut spécifier le `av_update_username/password` dans `/etc/opt/eset/esets/esets.cfg`.
|
|
|
|
Si vous avez un proxy ou un pare-feu il faut autoriser `update.eset.com`.
|
|
|
|
Pour démarrer le démon :
|
|
|
|
~~~
|
|
# systemctl start esets
|
|
~~~
|
|
|
|
Mise à jour manuelle :
|
|
|
|
~~~
|
|
# /opt/eset/esets/sbin/esets_update --username="$LOGIN" --password="$PASS"
|
|
~~~
|
|
|
|
## Utilisation en content_filter postfix
|
|
|
|
Exemple de configuration :
|
|
|
|
~~~
|
|
[smtp]
|
|
agent_enabled = yes
|
|
num_proc = 1
|
|
num_thrd = 2
|
|
listen_addr = "localhost"
|
|
listen_port = 2526
|
|
server_addr = "localhost"
|
|
# Port classique 10025 pack mail Evolix, second serveur SMTP post amavis
|
|
# Ou port 10024 pour passer à Amavis
|
|
server_port = 10025
|
|
timeout_client = 30
|
|
add_header_xvirus = yes
|
|
add_header_received = yes
|
|
action_av = "scan"
|
|
action_as = "scan"
|
|
av_eml_subject_modification_mask = "as_spam"
|
|
av_eml_header_modification_mask = ""
|
|
av_eml_footnote_modification_mask = ""
|
|
av_eml_header_template = "%avstatus%"
|
|
#av_eml_subject_template = "[Virus %avstatus%]"
|
|
as_eml_subject_template = "[%asstatus%]"
|
|
as_eml_header_modification = yes
|
|
av_mail_notified_users = "postmaster@example.com"
|
|
av_scan_obj_archives = yes
|
|
av_scan_obj_mime = yes
|
|
av_scan_obj_sfx = yes
|
|
av_scan_obj_rtp = yes
|
|
av_scan_app_adware = yes
|
|
av_scan_app_unsafe = yes
|
|
av_scan_app_unwanted = yes
|
|
av_scan_pattern = yes
|
|
av_scan_heur = yes
|
|
av_scan_adv_heur = yes
|
|
av_scan_smart = yes
|
|
action_av_infected = "accept"
|
|
action_av_notscanned = "accept"
|
|
action_av_deleted = "accept"
|
|
action_as_spam = "accept"
|
|
av_eml_footnote_log_all = yes
|
|
av_clean_mode = "standard"
|
|
av_scan_obj_max_size = 0
|
|
av_scan_archive_max_level = 10
|
|
av_scan_archive_timeout = 30
|
|
av_scan_archive_max_size = 0
|
|
av_quarantine_enabled = no
|
|
syslog_facility = "mail"
|
|
syslog_class = "error:warning:summall:summ:partall:part:info:debug"
|
|
|
|
~~~
|
|
|
|
## Interface web
|
|
|
|
Exemple de configuration :
|
|
|
|
~~~
|
|
[wwwi]
|
|
agent_enabled = yes
|
|
listen_addr = "127.0.0.1"
|
|
listen_port = 9090
|
|
username = "admin"
|
|
password = "password"
|
|
~~~
|
|
|
|
## Voir les logs
|
|
|
|
~~~
|
|
journalctl -f -u esets
|
|
~~~
|