eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 11:54, 14 October 2010
WikiSysop (Talk | contribs)

← Previous diff
Current revision
WikiSysop (Talk | contribs)

Line 1: Line 1:
- 
{| class="wikitable" border="0" {| class="wikitable" border="0"
-|}+|-
- +
{| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;" {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;"
| style="width:10%; color:#000;" | | style="width:10%; color:#000;" |
Line 8: Line 6:
| [[Image:escan-g.jpg]] | [[Image:escan-g.jpg]]
|} |}
-|style="text-align:left;"|&nbsp;&nbsp;'''·''' [[Online Guide - Escan for Linux Desktop|<font size=1.5 color="blue">FAQ</font>]]&nbsp;&nbsp;+|style="text-align:left;"|'''·''' [[Escan/english/FAQ-eScan|<font size=1.5 color="blue"
-|style="text-align:right;"|&nbsp;&nbsp;'''·''' [[Technical Info|<font size=1.5 color="blue">Technical Information - Main Page</font>]]+ 
 +align="left">eScan</font>]]&nbsp;&nbsp;'''·''' [[Escan/english/MailScan-AFT|<font size=1.5
 + 
 +color="blue">MailScan</font>]]&nbsp;&nbsp;'''·''' [[Escan/english/Technologies|<font size=1.5
 + 
 +color="blue">Technologies</font>]]
 +|style="text-align:right;"|&nbsp;&nbsp;'''·''' [[Technical Info|<font size=1.5 color="blue">Technical
 + 
 +Info</font>]]&nbsp;&nbsp;'''·''' [[Escan/english/Security_Awareness|<font size=1.5 color="blue">Security
 + 
 +Awareness</font>]]&nbsp;&nbsp;'''·''' [[User_Guides|<font size=1.5 color="blue">User Guides</font>]]
|} |}
Line 24: Line 32:
__TOC__ __TOC__
- +<div align="justify">
==Info== ==Info==
- To scan a system from the Command-line using the terminal, run the following command <B>escan [OPTIONS]... [OBJECT]...</B>.<br/> This command will scan and clean directories for viruses and other malwares.<br/> The manual for <B>escan</B> can be accessed using command<br/> <br/> #man escan<br/> <br/> The command-line option is available in eScan for Linux Desktop and eScan for Linux File Servers+ To scan a system from the Command-line using the terminal, run the following command
 + <B><font size=2># escan [OPTIONS]... [OBJECT]...</font></B>
 + This command will scan and clean directories for viruses and other malwares.<br/>
 + The manual for <B>escan</B> can be accessed using command
 + <B><font size=2>#man escan</font></B><br/>
 + The command-line option is available in eScan for Linux Desktop and
 + eScan for Linux File Servers
==Synopsis<br/>== ==Synopsis<br/>==
Line 35: Line 49:
=== <font size=3>Scan Actions</font><br/> === === <font size=3>Scan Actions</font><br/> ===
- These option defines the action to be taken in case of any infected object found by scanner.<br/> + These option defines the action to be taken in case of any infected object found by
 + scanner.<br/>
<B><font size=2>-ly, --log-only</font></B> <B><font size=2>-ly, --log-only</font></B>
Only Report infection found / detected in the scanned log. No action on infected Only Report infection found / detected in the scanned log. No action on infected
files.<br/> files.<br/>
<B><font size=2>-dl, --disinfect-log</font></B> <B><font size=2>-dl, --disinfect-log</font></B>
- Will try to Disinfect, if not possible shall Report infection found / detected in the scanned log.<br/> + Will try to Disinfect, if not possible shall Report infection found / detected
 + in the scanned log.<br/>
<B><font size=2>-dd, --disinfect-delete</font></B> <B><font size=2>-dd, --disinfect-delete</font></B>
Will try to Disinfect, if not possible shall delete the infected object.<br/> Will try to Disinfect, if not possible shall delete the infected object.<br/>
<B><font size=2>-dq, --disinfect-quarantine</font></B> <B><font size=2>-dq, --disinfect-quarantine</font></B>
- Will try to Disinfect, if not possible shall quarantine (Default) the infected object.<br/> + Will try to Disinfect, if not possible shall quarantine (Default) the infected
 + object.<br/>
<B><font size=2>-dr, --disinfect-rename</font></B> <B><font size=2>-dr, --disinfect-rename</font></B>
Will try to Disinfect, if not possible shall rename the infected object.<br/> Will try to Disinfect, if not possible shall rename the infected object.<br/>
<B><font size=2>-dp, --disinfect-prompt</font></B> <B><font size=2>-dp, --disinfect-prompt</font></B>
- Will try to Disinfect, if not possible shall prompt for the action to be taken on the infected object.+ Will try to Disinfect, if not possible shall prompt for the action to be taken on
 + the infected object.
Following Actions will be prompted: Following Actions will be prompted:
Do Nothing Do Nothing
Line 62: Line 80:
Will Quarantine the Infected object.<br/> Will Quarantine the Infected object.<br/>
<B><font size=2>-pr, --prompt</font></B> <B><font size=2>-pr, --prompt</font></B>
- Will Prompt for an Action to be taken on the infected object without trying to disinfect it.<br/> + Will Prompt for an Action to be taken on the infected object without trying to
 + disinfect it.<br/>
<B><font size=2>-qp, --quarantine-path*</font></B> <B><font size=2>-qp, --quarantine-path*</font></B>
Sets the Quarantine Path for the infected object. It sets action as quarantine. Sets the Quarantine Path for the infected object. It sets action as quarantine.
Line 75: Line 94:
Example Example
# escan -re mwt<br/> # escan -re mwt<br/>
- <B>NOTE:</B>Quarantine path and Rename extension Parameters are descarded, if action is set as ’prompt’.<br/> In that case default qurantine path ’/var/MicroWorld/var/quarantine/escan’ and default rename extension ’.mwt’<br/> will be used.Also, provide only one of -qp or -re, otherwise both the parameters will be ignored and default values<br/> will be used.<br/> + <B>NOTE:</B>Quarantine path and Rename extension Parameters are descarded, if action is
 + set as ’prompt’. In that case default qurantine path
 + ’/var/MicroWorld/var/quarantine/escan’ and default rename extension ’.mwt’
 + will be used.Also, provide only one of -qp or -re, otherwise both the parameters
 + will be ignored and default values will be used.<br/>
Line 145: Line 168:
To exclude files having extension exe, com type To exclude files having extension exe, com type
# escan -xx exe, com /home<br/> # escan -xx exe, com /home<br/>
- <B>NOTE:</B> By default, all files with extension ’.mwt’ will be exclude, if not explicitly declared in scan extension list.<br/>+ <B>NOTE:</B> By default, all files with extension ’.mwt’ will be exclude, if not explicitly
 + declared in scan extension list.<br/>
<B><font size=2>-xd, --exclude-dirs</font></B> <B><font size=2>-xd, --exclude-dirs</font></B>
Exclude directory(ies) on scan path. Exclude directory(ies) on scan path.
Line 251: Line 275:
=== <font size=3>Schedule Options (for root users login only)</font><br/> === === <font size=3>Schedule Options (for root users login only)</font><br/> ===
- These options allows to schedule jobs scanning. These options are available to root user only.<br/> + These options allows to schedule jobs scanning. These options are available
 + to root user only.<br/>
<B><font size=2>-sc, --save-schedule</font></B> <B><font size=2>-sc, --save-schedule</font></B>
Save the Scheduled Job for scanning. This option requires a parameter Save the Scheduled Job for scanning. This option requires a parameter
Line 311: Line 336:
15:30 on every Wednesday.<br/> 15:30 on every Wednesday.<br/>
- +</div>
=== <font size=3>Help Options</font><br/> === === <font size=3>Help Options</font><br/> ===
<B><font size=2>-h,--help</font></B><br/> <B><font size=2>-h,--help</font></B><br/>
Print this help message and Exit<br/> Print this help message and Exit<br/>

Current revision

Image:escan-g.jpg
· eScan  · MailScan  · Technologies   · Technical Info  · Security Awareness  · User Guides
Command-Line Parameters for Manual scanning

Contents


Info

      To scan a system from the Command-line using the terminal, run the following command
      # escan [OPTIONS]... [OBJECT]...
      This command will scan and clean directories for viruses and other malwares.
The manual for escan can be accessed using command #man escan
The command-line option is available in eScan for Linux Desktop and eScan for Linux File Servers

Synopsis

      escan [OPTIONS]... [OBJECT]...
        

Options

Scan Actions

           These option defines the action to be taken in case of any infected object found by 
           scanner.
-ly, --log-only Only Report infection found / detected in the scanned log. No action on infected files.
-dl, --disinfect-log Will try to Disinfect, if not possible shall Report infection found / detected in the scanned log.
-dd, --disinfect-delete Will try to Disinfect, if not possible shall delete the infected object.
-dq, --disinfect-quarantine Will try to Disinfect, if not possible shall quarantine (Default) the infected object.
-dr, --disinfect-rename Will try to Disinfect, if not possible shall rename the infected object.
-dp, --disinfect-prompt Will try to Disinfect, if not possible shall prompt for the action to be taken on the infected object. Following Actions will be prompted: Do Nothing Delete Quarantine Rename Cancel Scan
-di, --delete-infected Will Delete the Infected object.
-ri, --rename-infected Will Rename the Infected object.
-qi, --quarantine-infected Will Quarantine the Infected object.
-pr, --prompt Will Prompt for an Action to be taken on the infected object without trying to disinfect it.
-qp, --quarantine-path* Sets the Quarantine Path for the infected object. It sets action as quarantine. While setting Quarantine Path, make sure that user has write permission to directory.
Example # escan -qp /var/MicroWorld/var/quarantine/escan
-re, --rename-extension* Renames infected file with this extension. Extension must be alphanumeric string starting with alphabet and 1 to 5 characters long. Please do not put dot (’.’) before extension value.
Example # escan -re mwt
NOTE:Quarantine path and Rename extension Parameters are descarded, if action is set as ’prompt’. In that case default qurantine path ’/var/MicroWorld/var/quarantine/escan’ and default rename extension ’.mwt’ will be used.Also, provide only one of -qp or -re, otherwise both the parameters will be ignored and default values will be used.


Recursion Options

           These option defines the objects and sub-objects to be scanned during scanning.
-rr, --recursion Will Scan files in the Directories and in the Sub-Directories recursively. By default this option is enabled.
-rr-, --no-recursion Will scan only the files in the directory of subject to scan without following any sub-directory in the path.
-lk-, --no-symlink While scanning the object(s), any symbolic link in the path will be will not be followed and will be ignored. By default, all symbolic link scanning is disabled.
-lk, --all-symlink While scanning the object(s), any symbolic link in the path will be resolved and will be scanned.
-cr-, --no-cross-fs While resolving the symbolic link in scan path or object, if any object is found on other device (physical device or logical file system), the object will be ignored and path will not be followed. By default, any cross file system scanning is diabled.
-cr, --cross-fs While resolving the symbolic link in scan path or object, if object(s) is/are foundon other device, the path will be followed for scanning.


Scan Options

           These option defines the types of objects to be scanned during scanning.
-m0, --mem-scan-only In current scan session, scan memory for any virus(es).
-m, --mem-scan For every scan, memory will be scanned before performing any other scanning. By defualt, memory is set to scan at every scan session startup.
-m-, --no-mem-scan Disbale all memory scan at scan session startup.
-au, --auto-update At every scan session startup, update virus definition database, before scanning.
-pk, --pack Scan packed files on scan path.
-pk-, --no-pack Do not scan any packed files on scan path.
-ac, --archives Scan archived files on scan path.
-ac-, --no-archives Do not scan archived files on scan path.
-db, --mails Scan plain mails & mail database files on scan path.
-db-, --no-mail Do not scan plain mails & mail database files on scan path.
-hu, --heuristic Perform heuristic checks for any suspected pattern of unknown virus(es) in object(s).
-hu-, --no-heuristic Do perform heuristic checks for suspected pattern of unknown virus(es).
-sx, --scan-ext Scan file(s) having defined extension(s). Seperate multiple extensions by ’,’.
Example:
To scan files having extensions exe # escan -sx exe /home
To scan files having extensions exe or com # escan -sx exe,com /home
-xx, --exclude-ext Exclude file(s) having defined extension(s) on scan path. Seperate multiple extensions by ’,’.
Example:
To exclude files having extension exe type # escan -xx exe /home
To exclude files having extension exe, com type # escan -xx exe, com /home
NOTE: By default, all files with extension ’.mwt’ will be exclude, if not explicitly declared in scan extension list.
-xd, --exclude-dirs Exclude directory(ies) on scan path. Seperate multiple directories by ’,’.
Example:
To exclude the /var directory from scanning # escan -xd /var /
To exclude the /var and /opt directory from scanning # escan -xd /var,/opt /
-dh, --max-depth While performing recursive scanning, it allows scanner to follow the defined number of depth only. This option is ignored, if recursive scanning is disabled.
Example:
To scan upto 2 level of depth while scanning /home # escan -dh 2 /home
-ms, --max-size As larger files takes more time to scan, exclude the larger file(s) by providing this option. suffix the size parameter with ’b’ for byte / ’k’ for kilo-bytes / ’m’ for mega-bytes. If no suffix is provides, scanner assumes the size parameter in KB.
Example:
To exclude files larger than 5 MB # escan -mx 5m /home


General Options

           These option defines the types of logging during scanning and other general options.
-v, --version Display the MicroWorld eScan version inforamtion(s).
y0, --display-none Do not display any output on the terminal while scan is in progress.
-ym, --display-minimum Display Minimum output on terminal. Only initialization alert, scan configuration and scan result statistics will be printed.
-yi, --display-infected In addition to above information, all infection and action details will be printed to terminal.
-y, --display-all Display eveything on terminal.
-l, --log-path Will set the scan log file path. eScan creates escan directory in log directory to differentiate escan log from other logs.
-l0, --no-log Do not log any thing. No log file will be created.
-lm, --log-minimum Log Minimum infomation. Only initialization alert, scan configuration and scan result statistics will be printed.
-li, --log-infections In addition to above information, all infection and action details will be printed in log file.
-la, --log-all Log everything.
-ss, --save-settings Save the provided scan setting as default settings before scanning.
-so, --save-only Save the provided scan setting as default settings and exit without scanning.
-G, --restore-global This option is available to non-root user’s only. All user (except root) has their own default settings configuration saved. This option reset the user’s default settings with the Global settings (root’s settings).
-ui, --av-info Display the AV engine version, last virus signature update date and virus signature count and exit.


Update Options (for root users login only)

           These option defines the settings to download the eScan AV updates from the internet.
These options are available to root user only.
-u, --update Start downloading the latest virus definitions.
-x, --use-proxy Use Proxy for downloading the updates from internet.
-x-, --no-proxy Do not use the Proxy for downloading the updates from internet.
-xi, --proxy-ip IP Address of the Proxy Server.
-xt, --proxy-port Port of the Proxy Server
Example:
To download the Virus defination using the proxy setting # escan -u -xi 192.168.0.25 -xt 8080
-xa, --use-proxy-auth Use the Proxy authentication for downloading the virus definition.
-xa-, --no-proxy-auth Do not use Proxy authentication for downloading the virus definition.
-xu, --proxy-user Proxy authentication user name.
-pw, --proxy-passwd Proxy authentication password.
-ul, --server-list Use update server(s) instead of default update server (not recommended). Separate multi servers by comma.
-xs, --use-https Use the secure http to download updates.
-xs-, --use-http Do not use secure http to download updates.
-to, --time-out Set the connection time out (in seconds) for downloading updates.
-rc, --retries Set the retry count in case of connection failure for downloading. These options are available to root user only.


Schedule Options (for root users login only)

           These options allows to schedule jobs scanning. These options are available 
           to root user only.
-sc, --save-schedule Save the Scheduled Job for scanning. This option requires a parameter as UNIQUE job name. Job name must be alphanumeric starting with an alphabet and 1 to 10 characters long.
-min, --minute Schedule job minutes of hour [0-59].
-hr, --hour Schedule job hour of day [0-23].
-day, --month-day Schedule job day of month [1-(28/29/30/31)].
-wd, --week-day Schedule job day of week [0-6] (0 Sun/1 Mon/.../6 Sat).
-mon, --month Schedule job month of yesk [1-12].
-fq, --frequency Schedule job frequency.
0 once 1 hourly 2 daily 3 monthly 4 weekly
-ds, --del-schedule Delete save scheduled job. This option requires a parameter as existing job name.
Example:
# escan -ds <job name>
-do, --delete-old Purge all expired/outdated schdules.
Note:
All schedules accepts scan and action parameters (except memory scan options), that will be saved for new job. By default, schedules are saved with the default scan options
Schedule examples:
To schedule a scanning to run only ONCE on the current date at paritcular time: # escan -sc job1 -fq 0 -hr 15 -min 30 /home Above command saves schedule with name job1, that will start scan at 15:30 on current day.
To schedule a scanning to run only ONCE on specified date at particular time: # escan -sc job2 -fq 0 -day 1 -mon 10 -hr 15 -min 30 /home Above command saves schedule with name job2, that will start scan at 15:30 on 1st of octobor.
To schedule a scanning to run at every HOUR: # escan -sc job3 -fq 1 -min 59 /home Above command saves schedule with name job3, that will start scan at 59th minute of every hour.
To schedule a scanning to run Daily at a particular: # escan -sc job4 -fq 2 -hr 15 -min 40 /home Above command saves schedule with name job4, that will start scan at 2:15 every day.
To schedule a scanning to run every MONTH: # escan -sc job5 -fq 3 -day 1 -hr 15 -min 30 /home Above command saves schedule with name job5, that will start scan at 15:30 on 1st of every month.
To schedule a scanning to run every WEEK: # escan -sc job6 -fq 4 -wd 3 -hr 15 -min 30 /home Above command saves schedule with name job5, that will start scan at 15:30 on every Wednesday.

Help Options

           -h,--help
Print this help message and Exit

eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers   This page has been accessed 77,072 times.