Author Topic: 2014 server products  (Read 64341 times)

0 Members and 1 Guest are viewing this topic.

MAG

  • Guest
Re: 2014 server products (BETA)
« Reply #15 on: February 10, 2014, 06:51:21 PM »
Hello,

It's nice to see Avast for Linux finally updated, even in Command Line Interface.

But please could you explain how to use it ? Where to save the license.txt file, how to activate it ?

How to scan the computer / a specific folder ? How to update the virus definitions ?

Even with the "man" help pages, I don't understand.

If I run :  scan -v
I get the answer : 40707

With : scan -V
connect(): /var/run/avast/scan.sock: No such file or directory

I've downloaded and installed the deb of avast core scanner only.

Thanks !  :)

I think you may need to rename license.avastlic.txt to just license.avastlic before copying across to  /etc/avast as tumic advised above. That is the name the avast.conf file seems to be looking for.

Also reboot. That got avast running for me, and scanning now seems to work.
« Last Edit: February 10, 2014, 07:15:42 PM by mag »

Offline avast@@dvantage77.com

  • J.R. Guthrie - avast! Sales and Support Specialist
  • Avast Reseller
  • Advanced Poster
  • *
  • Posts: 740
  • the only avast! Distributor & Platinum Reseller
    • Advantage Micro Corporation
Re: 2014 server products (BETA)
« Reply #16 on: February 10, 2014, 07:00:57 PM »
Also, will that also kill avast! version 4 updates?

Sincerely,
 
J.R. "AutoSandbox Guy" Guthrie

"At this point in time, the Internet should be regarded as an Enemy Weapons System!"
Sincerely,
 
J.R. "AutoSandbox Guy" Guthrie

"At this point in time, the Internet should be regarded as an Enemy Weapons System!"

Offline claudiuc

  • avast! Security Expert
  • Avast Reseller
  • Sr. Member
  • *
  • Posts: 282
  • www.avastantivirus.ro
    • www.avastantivirus.ro
Re: 2014 server products (BETA)
« Reply #17 on: February 10, 2014, 09:09:43 PM »
@tumic: It is possible to collaborate with team from here (https://www.rfxn.com/projects/linux-malware-detect/) to share malware definition for linux?

I have no idea how that project works, but If all you need are MD5 hashes of infected files, than you can scan a file using avast and compute the file's hash using md5sum, if the file is reported as infected.

It's one of best malware/rootkit detector for linux. I think avast can benefit from md5 hashes from that project, it will improve detection rate.
Claudiu C. - Easy Media
Avast & AVG Distributor Romania, Moldova, Hungary
https://www.avastantivirus.ro/

Offline tumic

  • Moderator
  • Advanced Poster
  • *
  • Posts: 724
Re: 2014 server products (BETA)
« Reply #18 on: February 11, 2014, 06:40:40 PM »
Also, will that also kill avast! version 4 updates?

avast! version 4 VPS will be available until there are any avast! products using it, including windows products.
At the moment there are still such products, but the maintenance is very limited. So the new linux products are
not the final nail in the VPS 4 coffin, but a very significant one.

Sparklit

  • Guest
Re: 2014 server products (BETA)
« Reply #19 on: February 19, 2014, 01:19:27 AM »
Really optimistic about this program. Couple of questions and points.

  • Does the command line version running in debian detect web based threats? Does it use the same database for scanning say blocked urls?
  • How is updating of the signature database accomplished
  • Should Avast detect the Eicar signture within the body of an HTML file? Is there a signature I could use to test scanning of HTML files?

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2270
Re: 2014 server products (BETA)
« Reply #20 on: February 19, 2014, 08:42:34 AM »
Hello,
3. http://www.amtso.org/

Milos

Offline Abraxas

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 730
  • Perseverance Furthers...
    • PCLinuxOS-Forums
Re: 2014 server products (BETA)
« Reply #21 on: February 19, 2014, 06:49:44 PM »
I doubt I could test a 'beta' release of a Server Edition of Avast.

1.) I don't use a Server running Linux.
2.) I would most certainly break the package structure specific to my Linux DE

Hoping the difference between a 'Server', and DE is clearer.  ;)

Offline claudiuc

  • avast! Security Expert
  • Avast Reseller
  • Sr. Member
  • *
  • Posts: 282
  • www.avastantivirus.ro
    • www.avastantivirus.ro
Re: 2014 server products (BETA)
« Reply #22 on: March 02, 2014, 02:04:37 PM »
I have some errors using scan on centos linux:

[root@web ~]# scan /var/www/
scan: /var/www/atmail/users/tmp: Permission denied

Same errors on /home:
[root@web ~]# scan /home/
scan: /home/claudiuc: Permission denied

Seems like there are some permission problems, if I add avast user to root group is working ok.
« Last Edit: March 02, 2014, 02:07:12 PM by claudiuc »
Claudiu C. - Easy Media
Avast & AVG Distributor Romania, Moldova, Hungary
https://www.avastantivirus.ro/

Offline tumic

  • Moderator
  • Advanced Poster
  • *
  • Posts: 724
Re: 2014 server products (BETA)
« Reply #23 on: March 03, 2014, 10:26:50 AM »
I have some errors using scan on centos linux:

[root@web ~]# scan /var/www/
scan: /var/www/atmail/users/tmp: Permission denied

Same errors on /home:
[root@web ~]# scan /home/
scan: /home/claudiuc: Permission denied

Seems like there are some permission problems, if I add avast user to root group is working ok.

By default, the scan service is running under the avast user as running under root
is not required (and not wanted) for the mailserver and network proxy use case. If
you need avast running under root, for example for the fileserver shield usage*, you
can change it by creating the file /etc/default/avast with the following content:

Code: [Select]
AVAST_USER=root
AVAST_GROUP=root

* This is done automatically, when the avast-fss package is installed.

Offline claudiuc

  • avast! Security Expert
  • Avast Reseller
  • Sr. Member
  • *
  • Posts: 282
  • www.avastantivirus.ro
    • www.avastantivirus.ro
Re: 2014 server products (BETA 2)
« Reply #24 on: March 03, 2014, 10:25:09 PM »
@tumic:
I'm using avast as a daily scanner for malware on a shared web hosting server, based on RedHat, so is not possible to use avast-fss.
Anyway is not a bug, so thanks for hint about /etc/default/avast options.

Another question, can we get some detailed reports  from scan process (like number of files scanned, number of infected files, etc)?
And it is possible to add a remove/quarantine option to scan process?
Claudiu C. - Easy Media
Avast & AVG Distributor Romania, Moldova, Hungary
https://www.avastantivirus.ro/

Offline claudiuc

  • avast! Security Expert
  • Avast Reseller
  • Sr. Member
  • *
  • Posts: 282
  • www.avastantivirus.ro
    • www.avastantivirus.ro
Re: 2014 server products (BETA 2)
« Reply #25 on: March 03, 2014, 10:30:30 PM »
@tumic:
do you mean "/etc/sysconfig/avast" ?
Claudiu C. - Easy Media
Avast & AVG Distributor Romania, Moldova, Hungary
https://www.avastantivirus.ro/

Offline tumic

  • Moderator
  • Advanced Poster
  • *
  • Posts: 724
Re: 2014 server products (BETA 2)
« Reply #26 on: March 04, 2014, 10:28:09 AM »
@tumic:
do you mean "/etc/sysconfig/avast" ?

No, I really mean /etc/default/avast. If the file does not exist, then simply create it.

Offline tumic

  • Moderator
  • Advanced Poster
  • *
  • Posts: 724
Re: 2014 server products (BETA 2)
« Reply #27 on: March 04, 2014, 11:13:44 AM »
Another question, can we get some detailed reports  from scan process (like number of files scanned, number of infected files, etc)?

You can use the "-a" switch, redirect the output to a file and get any statistics you want. e.g.:
Code: [Select]
scan -a /dir/to/scan > /tmp/scan.log
# number of files scanned
cat /tmp/scan.log | wc -l
# number of infected files
grep -v '[OK]' /tmp/scan.log | wc -l

And it is possible to add a remove/quarantine option to scan process?

The same as above. Just use some trivial shell script to do this. e.g.

Code: [Select]
scan /dir/to/scan | cut -f 1 | { while read file; do mv $file /chest/dir; done }

Offline claudiuc

  • avast! Security Expert
  • Avast Reseller
  • Sr. Member
  • *
  • Posts: 282
  • www.avastantivirus.ro
    • www.avastantivirus.ro
Re: 2014 server products (BETA 2)
« Reply #28 on: March 04, 2014, 11:37:48 AM »
@tumic:
do you mean "/etc/sysconfig/avast" ?

No, I really mean /etc/default/avast. If the file does not exist, then simply create it.

# /etc/init.d/avast
# Copyright(c) 2013 AVAST Software

EXEC="/bin/avast"
SYSCONFIG="/etc/sysconfig/avast"

RUNDIR="/var/run/avast"
PIDFILE="$RUNDIR/avast.pid"
PROG=`basename $EXEC`

# Include defaults if available
[ -r "$SYSCONFIG" ] && . "$SYSCONFIG"

if [ -z "$AVAST_USER" ]; then
        AVAST_USER='avast'
fi
if [ -z "$AVAST_GROUP" ]; then
        AVAST_GROUP='avast'
fi
Claudiu C. - Easy Media
Avast & AVG Distributor Romania, Moldova, Hungary
https://www.avastantivirus.ro/

Offline claudiuc

  • avast! Security Expert
  • Avast Reseller
  • Sr. Member
  • *
  • Posts: 282
  • www.avastantivirus.ro
    • www.avastantivirus.ro
Re: 2014 server products (BETA 2)
« Reply #29 on: March 04, 2014, 11:46:00 AM »
Bug on update, crontab is not updated ok (rpm -Uvh avast-1.0.5-1.x86_64.rpm)

### Begin: avast of crontab entry ###
# Do not add anything between '### Begin: avast ...' and '### End: avast ...' lines.
# anything in between these lines will be removed when 'avast' package is removed.

0 */6 * * * /var/lib/avast/Setup/avast.vpsupdate >>/var/log/avast/vpsupdate.log 2>&1
### End: avast of crontab entry ###
### Begin: avast of crontab entry ###
# Do not add anything between '### Begin: avast ...' and '### End: avast ...' lines.
# anything in between these lines will be removed when 'avast' package is removed.

0 * * * * /var/lib/avast/Setup/avast.vpsupdate 2>&1 | logger -t avast.vpsupdate -i -p daemon.warn
### End: avast of crontab entry ###
Claudiu C. - Easy Media
Avast & AVG Distributor Romania, Moldova, Hungary
https://www.avastantivirus.ro/