ESET FILE SECURITY - Installation and Configuration; Tips

To Next Page

To Previous Page

program which provides continuous monitoring and control over the le system. Every le

systemobject is scanned based on customizable le accesseventtypes.The followingevent

types are supported by the current version:

Open events

Thisleaccesstypeisactivatediftheword'open'ispresentinthe'event_mask‘parameterin

theeset.cfgle([dac]section).Inthiscase,theON_OPENbitofDazukoaccessmaskissettoon.

Close events

Thisleaccesstypeisactivatediftheword'close'ispresentinthe'event_mask‘parameterin

theeset.cfgle([dac]section).Inthiscase,theON_CLOSEbitandON_CLOSE_MODIFIEDbitof

Dazuko access mask is set to on.

NOTE:SomeOSkernelversionsdonotsupporttheinterceptionofON_CLOSEevents.Inthese

cases,closeeventswillnotbemonitoredbyesets_dac.

Exec events

Thisleaccesstypeisactivatediftheword'exec'ispresentinthe'event_mask'parameterin

theeset.cfgle([dac]section).InthiscasetheON_EXECbitofDazukoaccessmaskissettoon.

In summary,theOn-accessscannerensuresthat all opened, closed and executedlesare

scannedbytheesets_daemonforviruses.Basedontheresultofsuchscans,accesstogivenles

is denied or allowed.

5.2.2. Installation and configuration

As mentioned previously, the Dazuko kernel module must be compiled and installed within

the running kernel before esets_dac can be initialized. To compile and install Dazuko, please see:

http://www.dazuko.org/howto-install.shtml.

Once Dazuko is installed, review and edit the [global] and [dac] sections of the ESETS

configuration file (esets.cfg). Note that the proper functioning of the On-access scanner is

dependent upon configuration of the‘agent_enabled’ option within the [dac] section of this

le.Additionally,youmustdefinethefilesystemobjects(i.e.directoriesandfiles)thataretobe

monitored by the On-access scanner. This can be accomplished by defining the parameters of

the‘ctl_incl’and‘ctl_excl’options,whicharealsolocatedwithinthe[dac]section.Aftermaking

changes to the esets.cfg le, you can forcethe newly createdconfiguration to be re-read by

reloading the ESETS daemon.

5.2.3. Tips

To ensure that the Dazuko module loads prior to initialization of the esets_dac daemon,

follow these steps:

Place a copy of the Dazuko module in either of the following directories, which are reserved

for kernel modules:

/lib/modules

/modules

Use the kernel utilities ‘depmod’ and ‘modprobe’ (For BSD OS, use ‘kldconfig’ and ‘kldload’) to

handle dependencies and successful initialization of the newly added Dazuko module.

In the esets_daemon initialization script ‘/etc/init.d/esets_daemon’, before the daemon

chapter 5 Integration with File System services

Related product manuals