---
categories: system
title: Howto ESET Antivirus
...

# File antivirus (File Security)

* Documentation: <https://help.eset.com/efs/4/en-US/>

~~~
To COMPLETE INSTALLATION or UPDATE the Product:
* Import the license file: /opt/eset/esets/sbin/esets_lic --import file.lic
* Enter acquired username/password information into the global section
of main configuration file /etc/opt/eset/esets/esets.cfg
* Start main daemon service: /etc/init.d/esets start

To UNINSTALL the Product:
* Uninstall the package: dpkg --purge esets

To KEEP your KNOWLEDGE Up-To-Date:
* Read the User's Guide in /opt/eset/esets/share/doc.
* Read manual page esets.cfg(5) (use 'man esets.cfg').

To REPORT Bugs or Problems:
* Please, visit: www.eset.com/support
~~~

To run a scan:

~~~
/opt/eset/esets/sbin/esets_scan --no-symlink --no-quarantine --clean-mode=none /home
~~~

# Mail antivirus (Mail Security)

* Documentation: <https://help.eset.com/ems_linux/4/en-US/>
* Download: <https://www.eset.com/us/business/server-antivirus/mail-security-linux/download/> (requires a login and password).

Installation consists of running a self-extracting archive that contains a .deb. Once installed, the ESETS software resides in `/opt/esets`.

To enable antivirus signature updates, set `av_update_username/password` in `/etc/opt/eset/esets/esets.cfg`.

If you have a proxy or a firewall, you must allow `update.eset.com`.

To start the daemon:

~~~
# systemctl start esets
~~~

Manual update of the antivirus signatures:

~~~
# /opt/eset/esets/sbin/esets_update --username="$LOGIN" --password="$PASS"
~~~

To upgrade Mail antivirus itself, fetch the latest version from the web interface: Home > Product version > Check for new version.

Then run it like this:

~~~
sh ./esets.amd64.deb.bin
~~~

This restarts esets.service and keeps the current configuration and the associated license.

## Use as a Postfix content_filter

Example configuration:

~~~
[smtp]
agent_enabled = yes
num_proc = 1
num_thrd = 2
listen_addr = "localhost"
listen_port = 2526
server_addr = "localhost"
# Usual port 10025 in the Evolix mail pack: second SMTP server, after Amavis
# Or port 10024 to hand over to Amavis
server_port = 10025
timeout_client = 30
add_header_xvirus = yes
add_header_received = yes
action_av = "scan"
action_as = "scan"
av_eml_subject_modification_mask = "as_spam"
av_eml_header_modification_mask = ""
av_eml_footnote_modification_mask = ""
av_eml_header_template = "%avstatus%"
#av_eml_subject_template = "[Virus %avstatus%]"
as_eml_subject_template = "[%asstatus%]"
as_eml_header_modification = yes
av_mail_notified_users = "postmaster@example.com"
av_scan_obj_archives = yes
av_scan_obj_mime = yes
av_scan_obj_sfx = yes
av_scan_obj_rtp = yes
av_scan_app_adware = yes
av_scan_app_unsafe = yes
av_scan_app_unwanted = yes
av_scan_pattern = yes
av_scan_heur = yes
av_scan_adv_heur = yes
av_scan_smart = yes
action_av_infected = "accept"
action_av_notscanned = "accept"
action_av_deleted = "accept"
action_as_spam = "accept"
av_eml_footnote_log_all = yes
av_clean_mode = "standard"
av_scan_obj_max_size = 0
av_scan_archive_max_level = 10
av_scan_archive_timeout = 30
av_scan_archive_max_size = 0
av_quarantine_enabled = no
syslog_facility = "mail"
syslog_class = "error:warning:summall:summ:partall:part:info:debug"
~~~

## Web interface

Example configuration:

~~~
[wwwi]
agent_enabled = yes
listen_addr = "127.0.0.1"
listen_port = 9090
username = "admin"
password = "password"
~~~
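
The shell function below is an added example, not ESET or Evolix code: it parses an `esets.cfg` and flags the points the `[smtp]` and `[wwwi]` examples on this page depend on (agents listening on loopback, the sample `password` value still in place), plus a world-readable file, since `esets.cfg` holds the update credentials. The function name, the finding messages and the sample file are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not ESET or Evolix code): audit an esets.cfg for the settings
# this page configures. Prints one finding per line; returns 1 if any is found.
audit_esets_cfg() {
    cfg=$1; rc=0
    out=$(awk '
        function loopback(a) { return a == "127.0.0.1" || a == "localhost" || a == "::1" }
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
        /^[ \t]*\[.*\][ \t]*$/ {                   # section header such as [wwwi]
            sub(/^[ \t]*\[/, ""); sub(/\][ \t]*$/, ""); sec = $0; next
        }
        (eq = index($0, "=")) > 0 {                # key = "value"
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t"]+|[ \t"]+$/, "", val)     # trim blanks and quotes
            v[sec "." key] = val
        }
        END {
            if (v["wwwi.agent_enabled"] == "yes") {
                if (!loopback(v["wwwi.listen_addr"]))
                    print "wwwi: listen_addr is not a loopback address: " v["wwwi.listen_addr"]
                p = v["wwwi.password"]
                if (p == "" || p == "password" || p == v["wwwi.username"])
                    print "wwwi: password is empty, the sample value, or the username"
            }
            if (v["smtp.agent_enabled"] == "yes" && !loopback(v["smtp.listen_addr"]))
                print "smtp: listen_addr is not a loopback address: " v["smtp.listen_addr"]
        }' "$cfg")
    if [ -n "$out" ]; then printf '%s\n' "$out"; rc=1; fi
    # esets.cfg holds the update credentials and the web interface password.
    if [ -n "$(find "$cfg" -perm -004 2>/dev/null)" ]; then
        echo "perms: $cfg is world-readable"; rc=1
    fi
    return "$rc"
}

# Constructed sample: the [wwwi] block from this page, in a temporary file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[wwwi]
agent_enabled = yes
listen_addr = "127.0.0.1"
listen_port = 9090
username = "admin"
password = "password"
EOF
audit_esets_cfg "$sample" || echo "esets.cfg needs review"
rm -f "$sample"
```

On a real host, call it as `audit_esets_cfg /etc/opt/eset/esets/esets.cfg`.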

## Viewing the logs

~~~
journalctl -f -u esets
~~~