Posts Tagged ‘novel’

Using Clam AntiVirus to provide real-time protection for your iFolder 3 Server

Sunday, September 13th, 2009

“Because iFolder is a cross-platform distributed solution, there is a possibility of a virus infection on a platform migrating across the iFolder server to other platforms, and vice versa. You should enforce server-based virus scanning to prevent viruses from entering the corporate network.”

This solution applies for openSuSE 11.1 :

The following packages need to be installed :

clamav
dazuko
postfix

Execute modprobe dazuko (as root)

Run lsmod and check that dazuko is loaded:

Edit /etc/init.d/boot.local

  • Add:
    modprobe dazuko

Edit /etc/clamd.conf

Enable logging by activating :
LogFile /var/log/clamd

* Activate:
# Path to a local socket file the daemon will listen on.
LocalSocket /var/lib/clamav/clamd-socket

* Deactivate:
# TCP port address.
#TCPSocket 3310

* Deactivate:
# TCP address.
#TCPAddr 127.0.0.1

* Activate and edit:
# Execute a command when virus is found.
VirusEvent /bin/echo “iFolder VIRUS ALERT: %v” | /bin/mail -s “ClamAV – iFolder” -r ClamAV@server.domain ToUser@domain

* Deactivate:
# Run as a selected user (clamd must be started by root).
#User vscan

Note:
If not deaktivating “User vscan” you receive the error: “clamuko cannot connect to dazuko” in /var/log/clamd

* Clamuko settings, Activate the following :

ClamukoScanOnAccess yes
ClamukoScanOnOpen yes
ClamukoScanOnClose yes
ClamukoScanOnExec yes
ClamukoIncludePath /YOUR_PATH_TO_IFOLDER/ifolder/simias/SimiasFiles

Change any other settings in the file to reflect your needs (see ClamAV documentation).

Start clamd:
/etc/init.d/clamd start

Check that clamd was started without any errors:
tail -f /var/log/clamd

Download the EICAR test signature from:
http://www.f-secure.com/virus-info/eicar_test_file.shtml

Note!
This is not a real virus.

Run: tail -f /var/log/clamd

Save the test file (eicar.zip and/or eicar.com) in your iFolder and wait for sync.

When the virus pattern is detected you should see this (see below) in the log file
/var/log/clamd.

Check that a mail has been sent: tail /var/log/mail

Update ClamAV:
You can update ClamAV using the command: freshclam

A better way is to use the freshclam daemon for automatic updates.

Settings for freshclam: /etc/freshclam.conf

Edit /etc/freshclam.conf

  • Activate:
    # Path to the log file (make sure it has proper permissions)
    UpdateLogFile /var/log/freshclam.log
  • Activate and provide your country code:
    # Uncomment the following line and replace XY with your country code.
    DatabaseMirror db.se.clamav.net
  • Activate and provide update interval (e.g 24 for every hour):
    # Number of database checks per day.
    Checks 24

Create a log file for freshclam:
touch /var/log/freshclam.log

Set file rights:
chown vscan:vscan /var/log/freshclam.log

Start freshclam:
/etc/init.d/freshclam start

Check the log file:
tail /var/log/freshclam.log

Activate automatic start for clamd, freshclam and postfix from Yast –> System –> System Services (Run Level).

Now you have a real-time anti-virus scanning for your iFolder3 server.

Installing iFolder server on openSuSE 11.1

Monday, August 24th, 2009

iFolder is a simple and secure storage solution that can increase your productivity by enabling you to back up, access and manage your personal files-from anywhere, at any time. Once you have installed iFolder, you simply save your files locally-as you have always done-and iFolder automatically updates the files on a network server and delivers them to the other machines you use.

Using iFolder, you can designate any network server as an iFolder server and publish information to a personal iFolder created on that server. Once your folder is established, you can install iFolder on the computers you regularly use and download information from your personal iFolder to any of those computers. Not only that, but using iFolder, you can also invite other iFolder users to share your files in the same safe and secure way so that your teams always have the most relevant copy of a document.

You can download iFolder server for openSuSE 10.3 from this URL : http://www.ifolder.com/download/

But installing iFolder server on openSuSE 11.1 is a bit tedious as mono packages packed with version 11.1 are a bit advanced for iFolder. Find below instructions to help you out :

– Install iFolder server and plugins from this repo.

– Configure apache2 with SSL support.

– Setup by typing as root :

simias-server-setup

ifolder-admin-setup

ifolder-web-setup

in console and follow question given by each command.

Change folder directory to /etc/apache2/conf.d by cd command and copy all .conf file to /etc/apache2 with cp command on console.

– Start apache service by typing service rcapache2 start in console.

– Allow services http and https in Firewall.

And you’re done.

IMPORTANT :

If you experience the following error code while the client is trying to connect to the server : Authentication Status Code: Unknown. The problem can be solved by NOT choosing the default server data location while running simias-server-setup. I have chosen /home/iFolder instead and that solved my problems. The server will create the folder for you with correct setup and permissions.

I would like to thank http://www.decriptor.com/2009/05/22/ifolder-on-opensuse-11-1/ for helping in creating the repository and making the above information available.


Linux distribution strategic criteria

Monday, June 1st, 2009

Two New Gartner Linux Research Notes

Leading IT research and advisory company Gartner has published two new Linux research notes: