Dr.Web Ctl |
You can manage operation of Dr.Web for UNIX Internet Gateways from the command line with the help of a special command-line tool—Dr.Web Ctl (). You can do the following actions from the command line: •Start scanning file system objects including boot records •Launch of scanning of files on remote network hosts (see note below). •Start updating anti-virus components (virus databases, anti-virus engine, etc. depending on the distribution). •View and change parameters of Dr.Web for UNIX Internet Gateways configuration •View the status of the product's components and statistics on detected threats •View quarantine and manage quarantined objects (via the Dr.Web Ctlcomponent). •Connect to the central protection server or disconnect from it. Commands entered by the user to control the product can have an effect only if the Dr.Web ConfigD configuration daemon is running (by default, it is automatically launched at the operating system’s startup).
The Dr.Web Ctl tool supports auto-completion of commands for managing Anti-virus operation if this option is enabled in the used command shell. If the command shell does not allow auto-completion, you can configure this option. For that purpose, refer to the instruction manual for the used OS distribution.
Dr.Web for UNIX Internet Gateways allows to perform scanning for threats of files located on remote network hosts. Such hosts can be not only full computing machines (workstations and servers) but also routers, set-top boxes and other “smart” devices that form the so-called Internet of things. To perform the remote scanning, it is necessary for the remote host to provide a remote terminal access via SSH (Secure Shell). Besides, it is required to know an IP address and a domain name of the remote host, name and password of the user, who could remotely access the system via SSH. The indicated user must have access rights to the scanned files (at least the reading rights). This function can be used only for detection of malicious and suspicious files on a remote host. Elimination of threats (i.e. isolation in the quarantine, removal and curing of malicious objects) using means of the remote scanning is impossible. To eliminate detected threats on the remote host, it is necessary to use administration tools provided directly by this host. For example, for routers and other “smart” devices, a mechanism for a firmware update can be used; for computing machines, it can be done via a connection to them (as an option, using a remote terminal mode) and respective operations in their file system (removal or moving of files, etc.), or via running an anti-virus software installed on them. Remote scanning is performed only via the command-line tool Dr.Web Ctl (the remotescan command is used).
Details: |