2008-03-03 19:11:41 +00:00
|
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
2007-02-12 12:50:17 +00:00
|
|
|
|
2010-03-10 19:14:19 +01:00
|
|
|
<!--Converted with LaTeX2HTML 2008 (1.71)
|
2007-02-12 12:50:17 +00:00
|
|
|
original version by: Nikos Drakos, CBLU, University of Leeds
|
|
|
|
|
* revised and updated by: Marcus Hennecke, Ross Moore, Herb Swan
|
|
|
|
|
* with significant contributions from:
|
|
|
|
|
Jens Lippmann, Marek Rouchal, Martin Wilck and others -->
|
|
|
|
|
<HTML>
|
|
|
|
|
<HEAD>
|
2014-05-21 11:15:21 -04:00
|
|
|
<TITLE>On-access Scanning</TITLE>
|
|
|
|
|
<META NAME="description" CONTENT="On-access Scanning">
|
2007-02-12 12:50:17 +00:00
|
|
|
<META NAME="keywords" CONTENT="clamdoc">
|
|
|
|
|
<META NAME="resource-type" CONTENT="document">
|
|
|
|
|
<META NAME="distribution" CONTENT="global">
|
|
|
|
|
|
2010-03-10 19:14:19 +01:00
|
|
|
<META NAME="Generator" CONTENT="LaTeX2HTML v2008">
|
2007-02-12 12:50:17 +00:00
|
|
|
<META HTTP-EQUIV="Content-Style-Type" CONTENT="text/css">
|
|
|
|
|
|
|
|
|
|
<LINK REL="STYLESHEET" HREF="clamdoc.css">
|
|
|
|
|
|
2014-05-21 11:15:21 -04:00
|
|
|
<LINK REL="next" HREF="node32.html">
|
2009-02-25 19:49:26 +00:00
|
|
|
<LINK REL="previous" HREF="node30.html">
|
2014-05-21 11:15:21 -04:00
|
|
|
<LINK REL="up" HREF="node28.html">
|
2007-02-12 12:50:17 +00:00
|
|
|
<LINK REL="next" HREF="node32.html">
|
|
|
|
|
</HEAD>
|
|
|
|
|
|
|
|
|
|
<BODY >
|
2008-03-03 19:11:41 +00:00
|
|
|
|
|
|
|
|
<DIV CLASS="navigation"><!--Navigation Panel-->
|
2014-05-21 11:15:21 -04:00
|
|
|
<A NAME="tex2html619"
|
2007-02-12 12:50:17 +00:00
|
|
|
HREF="node32.html">
|
|
|
|
|
<IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next" SRC="next.png"></A>
|
2014-05-21 11:15:21 -04:00
|
|
|
<A NAME="tex2html615"
|
|
|
|
|
HREF="node28.html">
|
2007-02-12 12:50:17 +00:00
|
|
|
<IMG WIDTH="26" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="up" SRC="up.png"></A>
|
2014-05-21 11:15:21 -04:00
|
|
|
<A NAME="tex2html609"
|
2007-02-12 12:50:17 +00:00
|
|
|
HREF="node30.html">
|
|
|
|
|
<IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous" SRC="prev.png"></A>
|
2014-05-21 11:15:21 -04:00
|
|
|
<A NAME="tex2html617"
|
2007-02-12 12:50:17 +00:00
|
|
|
HREF="node1.html">
|
|
|
|
|
<IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents" SRC="contents.png"></A>
|
|
|
|
|
<BR>
|
2014-05-21 11:15:21 -04:00
|
|
|
<B> Next:</B> <A NAME="tex2html620"
|
|
|
|
|
HREF="node32.html">Clamdtop</A>
|
|
|
|
|
<B> Up:</B> <A NAME="tex2html616"
|
|
|
|
|
HREF="node28.html">Usage</A>
|
|
|
|
|
<B> Previous:</B> <A NAME="tex2html610"
|
|
|
|
|
HREF="node30.html">Clamdscan</A>
|
|
|
|
|
<B> <A NAME="tex2html618"
|
2007-02-12 12:50:17 +00:00
|
|
|
HREF="node1.html">Contents</A></B>
|
|
|
|
|
<BR>
|
2008-03-03 19:11:41 +00:00
|
|
|
<BR></DIV>
|
2007-02-12 12:50:17 +00:00
|
|
|
<!--End of Navigation Panel-->
|
|
|
|
|
|
2014-05-21 11:15:21 -04:00
|
|
|
<H2><A NAME="SECTION00063000000000000000"></A><A NAME="On-access"></A>
|
|
|
|
|
<BR>
|
|
|
|
|
On-access Scanning
|
2010-03-10 19:14:19 +01:00
|
|
|
</H2>
|
2014-05-21 11:15:21 -04:00
|
|
|
There is a special thread in <code>clamd</code> that performs on-access
|
|
|
|
|
scanning under Linux and shares internal virus database
|
|
|
|
|
with the daemon. <SPAN CLASS="textbf">You must follow some important rules when
|
|
|
|
|
using it:</SPAN>
|
|
|
|
|
|
|
|
|
|
<UL>
|
|
|
|
|
<LI>Always stop the daemon cleanly - using the SHUTDOWN command or
|
|
|
|
|
the
|
|
|
|
|
<BR>
|
|
|
|
|
SIGTERM signal. In other case you can lose access
|
|
|
|
|
to protected files until the system is restarted.
|
|
|
|
|
</LI>
|
|
|
|
|
<LI>Never protect the directory your mail-scanner software
|
|
|
|
|
uses for attachment unpacking. Access to all infected
|
|
|
|
|
files will be automatically blocked and the scanner (including
|
|
|
|
|
<code>clamd</code>!) will not be able to detect any viruses. In the
|
|
|
|
|
result <SPAN CLASS="textbf">all infected mails may be delivered.</SPAN>
|
|
|
|
|
|
|
|
|
|
</LI>
|
|
|
|
|
</UL>
|
|
|
|
|
For example, to protect the whole system add the following lines to
|
|
|
|
|
<code>clamd.conf</code>:
|
|
|
|
|
<PRE>
|
|
|
|
|
ScanOnAccess yes
|
|
|
|
|
OnAccessIncludePath /
|
|
|
|
|
OnAccessExcludePath /proc
|
|
|
|
|
OnAccessExcludePath /temporary/dir/of/your/mail/scanning/software
|
|
|
|
|
</PRE>
|
|
|
|
|
For more configuration options, type 'man clamd.conf' or reference the
|
|
|
|
|
example clamd.conf.
|
2007-02-12 12:50:17 +00:00
|
|
|
|
|
|
|
|
<P>
|
|
|
|
|
<BR><HR>
|
|
|
|
|
<ADDRESS>
|
2014-05-21 11:15:21 -04:00
|
|
|
Cisco 2014-05-21
|
2007-02-12 12:50:17 +00:00
|
|
|
</ADDRESS>
|
|
|
|
|
</BODY>
|
|
|
|
|
</HTML>
|
