eScan Blog
eScan Website
eScan Forum
eScan Feeds From eScan Wiki
(Difference between revisions)
| Revision as of 09:07, 22 March 2010 WikiSysop (Talk | contribs) ← Previous diff |
Current revision WikiSysop (Talk | contribs) |
||
| Line 2: | Line 2: | ||
| |- | |- | ||
| {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;" | {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;" | ||
| - | |style="text-align:left;"|'''Languages :''' '''·''' [[EPC|<font size=1.5 color="blue">English</font>]] '''·''' [[Escan/latinspanish/protection|<font size=1.5 color="blue">Español</font>]] '''·''' [[Escan/italian/protection|<font size=1.5 color="blue">Italiano</font>]] '''·''' [[Escan/chinese/EPC|<font size=1.5 color="blue">中文(繁體)</font>]] | + | | style="width:10%; color:#000;" | |
| + | {| style="width:100px; border:none; background:none;" | ||
| + | | [[Image:escan-g.jpg]] | ||
| |} | |} | ||
| - | <!-- | + | |style="text-align:left;"|'''·''' [[Escan/english/FAQ-eScan|<font size=1.5 color="blue" |
| - | {| class="wikitable" border="0" | + | |
| - | |- | + | align="left">eScan</font>]] '''·''' [[Escan/english/MailScan-AFT|<font size=1.5 |
| - | {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;" | + | |
| - | | style="width:56%; color:#000;" | | + | color="blue">MailScan</font>]] '''·''' [[Escan/english/Technologies|<font size=1.5 |
| - | {| style="width:280px; border:none; background:none;" | + | |
| - | | [[Image:mwti_logo.gif|left]] | + | color="blue">Technologies</font>]] |
| - | |} | + | |style="text-align:right;"| '''·''' [[Technical Info|<font size=1.5 color="blue">Technical |
| - | --> | + | |
| - | {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;text-align:left;" | + | Info</font>]] '''·''' [[Escan/english/Security_Awareness|<font size=1.5 color="blue">Security |
| - | |width="1000pt" style="width:18%; font-size:95%;text-align:left;white-space:nowrap;"| | + | |
| - | <B>General</B> | + | Awareness</font>]] '''·''' [[User_Guides|<font size=1.5 color="blue">User Guides</font>]] |
| - | * [http://www.mwti.net/<font color="blue">MicroWorld Website</font>] | + | |
| - | * [[Main Page|<font color="blue">MicroWorld WIKI</font>]] | + | |
| - | * [[Marketing|<font color="blue">Marketing</font>]] | + | |
| - | * [[Events|<font color="blue">Events</font>]] | + | |
| - | * [[Marketing/Advertisement|<font color="blue">Advertisement</font>]] | + | |
| - | |width="1000pt" style="width:18%; font-size:95%;text-align:left;white-space:nowrap;"| | + | |
| - | <B>Knowledgebase</B> | + | |
| - | * [[Technical Info|<font color="blue">Technical Information</font>]] | + | |
| - | * [[Beta Testing|<font color="blue">Beta Testing</font>]] | + | |
| - | * [[Release Candidate|<font color="blue">Release Candidate</font>]] | + | |
| - | * [[User Guide|<font color="blue">User Guides</font>]] | + | |
| - | |width="1000pt" style="width:18%; font-size:95%;text-align:left;white-space:nowrap;"| | + | |
| - | <B> Support </B> | + | |
| - | * [[EMail|<font color="blue">eMail</font>]] | + | |
| - | * [[Online Chat|<font color="blue">Online Chat</font>]] | + | |
| - | * [[Telephonic Support|<font color="blue">Telephone</font>]] | + | |
| - | * [[Remote Support|<font color="blue">Remote Support</font>]] | + | |
| - | * [[Forums|<font color="blue">Forums</font>]] | + | |
| |} | |} | ||
| + | |||
| {| class="wikitable" border="0" | {| class="wikitable" border="0" | ||
| - | |- | + | |} |
| {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;" | {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;" | ||
| |style="text-align:left;"|<font size=3>'''Command-Line Parameters for Manual scanning'''</font> | |style="text-align:left;"|<font size=3>'''Command-Line Parameters for Manual scanning'''</font> | ||
| Line 45: | Line 30: | ||
| |} | |} | ||
| <!--__NOTOC__--> | <!--__NOTOC__--> | ||
| + | __TOC__ | ||
| + | <div align="justify"> | ||
| + | ==Info== | ||
| + | To scan a system from the Command-line using the terminal, run the following command | ||
| + | <B><font size=2># escan [OPTIONS]... [OBJECT]...</font></B> | ||
| + | This command will scan and clean directories for viruses and other malwares.<br/> | ||
| + | The manual for <B>escan</B> can be accessed using command | ||
| + | <B><font size=2>#man escan</font></B><br/> | ||
| + | The command-line option is available in eScan for Linux Desktop and | ||
| + | eScan for Linux File Servers | ||
| - | + | ==Synopsis<br/>== | |
| - | + | ||
| - | + | ||
| - | + | ||
| - | SYNOPSIS | + | |
| escan [OPTIONS]... [OBJECT]... | escan [OPTIONS]... [OBJECT]... | ||
| - | |||
| - | DESCRIPTION | ||
| - | Scans and cleans directories and files for viruses and other malwares. | ||
| - | <B>OPTIONS</B> | ||
| + | ==Options== | ||
| - | <B>Scan Actions</B> | + | === <font size=3>Scan Actions</font><br/> === |
| - | These option are the action to be taken in case of any infected object found by scanner. | + | These option defines the action to be taken in case of any infected object found by |
| - | -ly, --log-only | + | scanner.<br/> |
| - | Only Report infection found / detected in the scanned log. No action on infected | + | <B><font size=2>-ly, --log-only</font></B> |
| - | files. | + | Only Report infection found / detected in the scanned log. No action on infected |
| - | -dl, --disinfect-log | + | files.<br/> |
| - | Will try to Disinfect, if not possible shall Report infection found / detected | + | <B><font size=2>-dl, --disinfect-log</font></B> |
| - | in the scanned log. | + | Will try to Disinfect, if not possible shall Report infection found / detected |
| - | -dd, --disinfect-delete | + | in the scanned log.<br/> |
| - | Will try to Disinfect, if not possible shall delete the infected object. | + | <B><font size=2>-dd, --disinfect-delete</font></B> |
| - | -dq, --disinfect-quarantine | + | Will try to Disinfect, if not possible shall delete the infected object.<br/> |
| - | Will try to Disinfect, if not possible shall quarantine (Default) the infected | + | <B><font size=2>-dq, --disinfect-quarantine</font></B> |
| - | object. | + | Will try to Disinfect, if not possible shall quarantine (Default) the infected |
| - | -dr, --disinfect-rename | + | object.<br/> |
| - | Will try to Disinfect, if not possible shall rename the infected object. | + | <B><font size=2>-dr, --disinfect-rename</font></B> |
| - | -dp, --disinfect-prompt | + | Will try to Disinfect, if not possible shall rename the infected object.<br/> |
| - | Will try to Disinfect, if not possible shall prompt for the action to be taken | + | <B><font size=2>-dp, --disinfect-prompt</font></B> |
| - | on the infected object. | + | Will try to Disinfect, if not possible shall prompt for the action to be taken on |
| + | the infected object. | ||
| Following Actions will be prompted: | Following Actions will be prompted: | ||
| Do Nothing | Do Nothing | ||
| Line 83: | Line 72: | ||
| Quarantine | Quarantine | ||
| Rename | Rename | ||
| - | Cancel Scan | + | Cancel Scan<br/> |
| - | -di, --delete-infected | + | <B><font size=2>-di, --delete-infected</font></B> |
| - | Will Delete the Infected object. | + | Will Delete the Infected object.<br/> |
| - | -ri, --rename-infected | + | <B><font size=2>-ri, --rename-infected</font></B> |
| - | Will Rename the Infected object. | + | Will Rename the Infected object.<br/> |
| - | -qi, --quarantine-infected | + | <B><font size=2>-qi, --quarantine-infected</font></B> |
| - | Will Quarantine the Infected object. | + | Will Quarantine the Infected object.<br/> |
| - | -pr, --prompt | + | <B><font size=2>-pr, --prompt</font></B> |
| - | Will Prompt for an Action to be taken on the infected object without trying | + | Will Prompt for an Action to be taken on the infected object without trying to |
| - | to disinfect it. | + | disinfect it.<br/> |
| - | -qp, --quarantine-path* | + | <B><font size=2>-qp, --quarantine-path*</font></B> |
| - | Sets the Quarantine Path for the infected object. It sets action as quarantine. | + | Sets the Quarantine Path for the infected object. It sets action as quarantine. |
| While setting Quarantine Path, make sure that user has write permission to | While setting Quarantine Path, make sure that user has write permission to | ||
| - | directory. | + | directory.<br/> |
| Example | Example | ||
| - | # escan -qp /var/MicroWorld/var/quarantine/escan | + | # escan -qp /var/MicroWorld/var/quarantine/escan<br/> |
| - | -re, --rename-extension* | + | <B><font size=2>-re, --rename-extension*</font></B> |
| Renames infected file with this extension. Extension must be alphanumeric string | Renames infected file with this extension. Extension must be alphanumeric string | ||
| starting with alphabet and 1 to 5 characters long. Please do not put dot (’.’) | starting with alphabet and 1 to 5 characters long. Please do not put dot (’.’) | ||
| - | before extension value. | + | before extension value.<br/> |
| - | Example | + | Example |
| - | # escan -re mwt | + | # escan -re mwt<br/> |
| - | * Quarantine path and Rename extension Parameters are descarded, if action is set as ’prompt’. In that case default qurantine path | + | <B>NOTE:</B>Quarantine path and Rename extension Parameters are descarded, if action is |
| - | ’/var/MicroWorld/var/quarantine/escan’ and default rename extension ’.mwt’ will be used. | + | set as ’prompt’. In that case default qurantine path |
| - | Also, provide only one of -qp or -re, otherwise both the parameters will be ignored and default values will be used. | + | ’/var/MicroWorld/var/quarantine/escan’ and default rename extension ’.mwt’ |
| - | + | will be used.Also, provide only one of -qp or -re, otherwise both the parameters | |
| + | will be ignored and default values will be used.<br/> | ||
| - | <B>Recursion Options</B> | + | === <font size=3>Recursion Options</font><br/> === |
| - | -rr, --recursion | + | These option defines the objects and sub-objects to be scanned during scanning.<br/> |
| + | <B><font size=2>-rr, --recursion</font></B> | ||
| Will Scan files in the Directories and in the Sub-Directories recursively. | Will Scan files in the Directories and in the Sub-Directories recursively. | ||
| - | By default this option is enabled. | + | By default this option is enabled.<br/> |
| - | -rr-, --no-recursion | + | <B><font size=2>-rr-, --no-recursion</font></B> |
| Will scan only the files in the directory of subject to scan without following | Will scan only the files in the directory of subject to scan without following | ||
| - | any sub-directory in the path. | + | any sub-directory in the path.<br/> |
| - | -lk-, --no-symlink | + | <B><font size=2>-lk-, --no-symlink</font></B> |
| While scanning the object(s), any symbolic link in the path will be will not be | While scanning the object(s), any symbolic link in the path will be will not be | ||
| - | followed and will be ignored. By default, all symbolic link scanning is disabled. | + | followed and will be ignored. By default, all symbolic link scanning is disabled.<br/> |
| - | -lk, --all-symlink | + | <B><font size=2>-lk, --all-symlink</font></B> |
| While scanning the object(s), any symbolic link in the path will be resolved and | While scanning the object(s), any symbolic link in the path will be resolved and | ||
| - | will be scanned. | + | will be scanned.<br/> |
| - | -cr-, --no-cross-fs | + | <B><font size=2>-cr-, --no-cross-fs</font></B> |
| While resolving the symbolic link in scan path or object, if any object is found | While resolving the symbolic link in scan path or object, if any object is found | ||
| on other device (physical device or logical file system), the object will be | on other device (physical device or logical file system), the object will be | ||
| ignored and path will not be followed. By default, any cross file system scanning | ignored and path will not be followed. By default, any cross file system scanning | ||
| - | is diabled. | + | is diabled.<br/> |
| - | -cr, --cross-fs | + | <B><font size=2>-cr, --cross-fs</font></B> |
| While resolving the symbolic link in scan path or object, if object(s) is/are | While resolving the symbolic link in scan path or object, if object(s) is/are | ||
| - | foundon other device, the path will be followed for scanning. | + | foundon other device, the path will be followed for scanning.<br/> |
| - | <B>Scan Options</B> | + | === <font size=3>Scan Options</font><br/> === |
| - | -m0, --mem-scan-only | + | These option defines the types of objects to be scanned during scanning.<br/> |
| - | In current scan session, scan memory for any virus(es). | + | <B><font size=2>-m0, --mem-scan-only</font></B> |
| - | -m, --mem-scan | + | In current scan session, scan memory for any virus(es).<br/> |
| - | For every scan, memory will be scanner before performing any other scanning. | + | <B><font size=2>-m, --mem-scan</font></B> |
| - | By defualt, memory is set to scan at every scan session startup. | + | For every scan, memory will be scanned before performing any other scanning. |
| - | -m-, --no-mem-scan | + | By defualt, memory is set to scan at every scan session startup.<br/> |
| - | Disbale all memory scan at scan session startup. | + | <B><font size=2>-m-, --no-mem-scan</font></B> |
| - | -au, --auto-update | + | Disbale all memory scan at scan session startup.<br/> |
| - | At every scan session startup, update virus definition database, before scanning. | + | <B><font size=2>-au, --auto-update</font></B> |
| - | -pk, --pack | + | At every scan session startup, update virus definition database, before scanning.<br/> |
| - | Scan packed files on scan path. | + | <B><font size=2>-pk, --pack</font></B> |
| - | -pk-, --no-pack | + | Scan packed files on scan path.<br/> |
| - | Do not scan any packed files on scan path. | + | <B><font size=2>-pk-, --no-pack</font></B> |
| - | -ac, --archives | + | Do not scan any packed files on scan path.<br/> |
| - | Scan archived files on scan path. | + | <B><font size=2>-ac, --archives</font></B> |
| - | -ac-, --no-archives | + | Scan archived files on scan path.<br/> |
| - | Do not scan archived files on scan path. | + | <B><font size=2>-ac-, --no-archives</font></B> |
| - | -db, --mails | + | Do not scan archived files on scan path.<br/> |
| - | Scan plain mails & mail database files on scan path. | + | <B><font size=2>-db, --mails</font></B> |
| - | -db-, --no-mail | + | Scan plain mails & mail database files on scan path.<br/> |
| - | Do not scan plain mails & mail database files on scan path. | + | <B><font size=2>-db-, --no-mail</font></B> |
| - | -hu, --heuristic | + | Do not scan plain mails & mail database files on scan path.<br/> |
| - | Perform heuristic checks for any suspected pattern of unknown virus(es) in object(s). | + | <B><font size=2>-hu, --heuristic</font></B> |
| - | -hu-, --no-heuristic | + | Perform heuristic checks for any suspected pattern of unknown virus(es) in object(s).<br/> |
| - | Do perform heuristic checks for suspected pattern of unknown virus(es). | + | <B><font size=2>-hu-, --no-heuristic</font></B> |
| - | -sx, --scan-ext | + | Do perform heuristic checks for suspected pattern of unknown virus(es).<br/> |
| + | <B><font size=2>-sx, --scan-ext</font></B> | ||
| Scan file(s) having defined extension(s). | Scan file(s) having defined extension(s). | ||
| - | Seperate multiple extensions by ’,’. | + | Seperate multiple extensions by ’,’.<br/> |
| - | Example: | + | Example:<br/> |
| To scan files having extensions exe | To scan files having extensions exe | ||
| - | # escan -sx exe /home | + | # escan -sx exe /home<br/> |
| To scan files having extensions exe or com | To scan files having extensions exe or com | ||
| - | # escan -sx exe,com /home | + | # escan -sx exe,com /home<br/> |
| - | -xx, --exclude-ext | + | <B><font size=2>-xx, --exclude-ext</font></B> |
| Exclude file(s) having defined extension(s) on scan path. | Exclude file(s) having defined extension(s) on scan path. | ||
| - | Seperate multiple extensions by ’,’. | + | Seperate multiple extensions by ’,’.<br/> |
| - | Example: | + | Example:<br/> |
| To exclude files having extension exe type | To exclude files having extension exe type | ||
| - | # escan -xx exe /home | + | # escan -xx exe /home<br/> |
| To exclude files having extension exe, com type | To exclude files having extension exe, com type | ||
| - | # escan -xx exe, com /home | + | # escan -xx exe, com /home<br/> |
| - | * By default, all files with extension ’.mwt’ will be exclude, if not explicitly declared in scan extension list. | + | <B>NOTE:</B> By default, all files with extension ’.mwt’ will be exclude, if not explicitly |
| - | -xd, --exclude-dirs | + | declared in scan extension list.<br/> |
| + | <B><font size=2>-xd, --exclude-dirs</font></B> | ||
| Exclude directory(ies) on scan path. | Exclude directory(ies) on scan path. | ||
| - | Seperate multiple directories by ’,’. | + | Seperate multiple directories by ’,’.<br/> |
| - | Example: | + | Example:<br/> |
| To exclude the /var directory from scanning | To exclude the /var directory from scanning | ||
| - | # escan -xd /var / | + | # escan -xd /var /<br/> |
| To exclude the /var and /opt directory from scanning | To exclude the /var and /opt directory from scanning | ||
| - | # escan -xd /var,/opt / | + | # escan -xd /var,/opt /<br/> |
| - | -dh, --max-depth | + | <B><font size=2>-dh, --max-depth</font></B> |
| While performing recursive scanning, it allows scanner to follow the defined | While performing recursive scanning, it allows scanner to follow the defined | ||
| - | number of depth only. This option is ignored, if recursive scanning is disabled. | + | number of depth only. This option is ignored, if recursive scanning is disabled.<br/> |
| - | Example: | + | Example:<br/> |
| To scan upto 2 level of depth while scanning /home | To scan upto 2 level of depth while scanning /home | ||
| - | # escan -dh 2 /home | + | # escan -dh 2 /home<br/> |
| - | -ms, --max-size | + | <B><font size=2>-ms, --max-size</font></B> |
| As larger files takes more time to scan, exclude the larger file(s) by providing | As larger files takes more time to scan, exclude the larger file(s) by providing | ||
| this option. suffix the size parameter with | this option. suffix the size parameter with | ||
| ’b’ for byte / ’k’ for kilo-bytes / ’m’ for mega-bytes. | ’b’ for byte / ’k’ for kilo-bytes / ’m’ for mega-bytes. | ||
| - | If no suffix is provides, scanner assumes the size parameter in KB. | + | If no suffix is provides, scanner assumes the size parameter in KB.<br/> |
| - | Example: | + | Example:<br/> |
| To exclude files larger than 5 MB | To exclude files larger than 5 MB | ||
| - | # escan -mx 5m /home | + | # escan -mx 5m /home<br/> |
| - | <B>General Options</B> | + | === <font size=3>General Options</font><br/> === |
| - | -v, --version | + | These option defines the types of logging during scanning and other general options.<br/> |
| - | Display the MicroWorld eScan version inforamtion(s). | + | <B><font size=2>-v, --version</font></B> |
| - | -y0, --display-none | + | Display the MicroWorld eScan version inforamtion(s).<br/> |
| - | Do not display any output on the terminal while scan is in progress. | + | <B><font size=2>y0, --display-none</font></B> |
| - | -ym, --display-minimum | + | Do not display any output on the terminal while scan is in progress.<br/> |
| + | <B><font size=2>-ym, --display-minimum</font></B> | ||
| Display Minimum output on terminal. Only initialization alert, | Display Minimum output on terminal. Only initialization alert, | ||
| - | scan configuration and scan result statistics will be printed. | + | scan configuration and scan result statistics will be printed.<br/> |
| - | -yi, --display-infected | + | <B><font size=2>-yi, --display-infected</font></B> |
| In addition to above information, all infection and action details | In addition to above information, all infection and action details | ||
| - | will be printed to terminal. | + | will be printed to terminal.<br/> |
| - | -y, --display-all | + | <B><font size=2>-y, --display-all</font></B> |
| - | Display eveything on terminal. | + | Display eveything on terminal.<br/> |
| - | -l, --log-path | + | <B><font size=2>-l, --log-path</font></B> |
| Will set the scan log file path. eScan creates escan directory in | Will set the scan log file path. eScan creates escan directory in | ||
| - | log directory to differentiate escan log from other logs. | + | log directory to differentiate escan log from other logs.<br/> |
| - | -l0, --no-log | + | <B><font size=2>-l0, --no-log</font></B> |
| - | Do not log any thing. No log file will be created. | + | Do not log any thing. No log file will be created.<br/> |
| - | -lm, --log-minimum | + | <B><font size=2>-lm, --log-minimum</font></B> |
| Log Minimum infomation. Only initialization alert, scan configuration | Log Minimum infomation. Only initialization alert, scan configuration | ||
| - | and scan result statistics will be printed. | + | and scan result statistics will be printed.<br/> |
| - | -li, --log-infections | + | <B><font size=2>-li, --log-infections</font></B> |
| In addition to above information, all infection and action details | In addition to above information, all infection and action details | ||
| - | will be printed in log file. | + | will be printed in log file.<br/> |
| - | -la, --log-all | + | <B><font size=2>-la, --log-all</font></B> |
| - | Log everything. | + | Log everything.<br/> |
| - | -ss, --save-settings | + | <B><font size=2>-ss, --save-settings</font></B> |
| - | Save the provided scan setting as default settings before scanning. | + | Save the provided scan setting as default settings before scanning.<br/> |
| - | -so, --save-only | + | <B><font size=2>-so, --save-only</font></B> |
| Save the provided scan setting as default settings and exit without | Save the provided scan setting as default settings and exit without | ||
| - | scanning. | + | scanning.<br/> |
| - | -G, --restore-global | + | <B><font size=2>-G, --restore-global</font></B> |
| This option is available to non-root user’s only. All user (except root) | This option is available to non-root user’s only. All user (except root) | ||
| has their own default settings configuration saved. This option reset | has their own default settings configuration saved. This option reset | ||
| - | the user’s default settings with the Global settings (root’s settings). | + | the user’s default settings with the Global settings (root’s settings).<br/> |
| - | -ui, --av-info | + | <B><font size=2>-ui, --av-info</font></B> |
| Display the AV engine version, last virus signature update date and | Display the AV engine version, last virus signature update date and | ||
| - | virus signature count and exit. | + | virus signature count and exit.<br/> |
| - | <B>Update Options</B> | + | === <font size=3>Update Options (for root users login only)</font><br/> === |
| - | These options are available to root user only. | + | These option defines the settings to download the eScan AV updates from the internet.<br/> These options are available to root user only.<br/> |
| - | -u, --update | + | <B><font size=2>-u, --update</font></B> |
| - | Start downloading the latest virus definitions. | + | Start downloading the latest virus definitions.<br/> |
| - | -x, --use-proxy | + | <B><font size=2>-x, --use-proxy</font></B> |
| - | Use Proxy for downloading the updates from internet. | + | Use Proxy for downloading the updates from internet.<br/> |
| - | -x-, --no-proxy | + | <B><font size=2>-x-, --no-proxy</font></B> |
| - | Do not use the Proxy for downloading the updates from internet. | + | Do not use the Proxy for downloading the updates from internet.<br/> |
| - | -xi, --proxy-ip | + | <B><font size=2>-xi, --proxy-ip</font></B> |
| - | IP Address of the Proxy Server. | + | IP Address of the Proxy Server.<br/> |
| - | -xt, --proxy-port | + | <B><font size=2>-xt, --proxy-port</font></B> |
| - | Port of the Proxy Server | + | Port of the Proxy Server<br/> |
| - | Example: | + | Example:<br/> |
| To download the Virus defination using the proxy setting | To download the Virus defination using the proxy setting | ||
| - | # escan -u -xi 192.168.0.25 -xt 8080 | + | # escan -u -xi 192.168.0.25 -xt 8080<br/> |
| - | -xa, --use-proxy-auth | + | <B><font size=2>-xa, --use-proxy-auth</font></B> |
| - | Use the Proxy authentication for downloading the virus definition. | + | Use the Proxy authentication for downloading the virus definition.<br/> |
| - | -xa-, --no-proxy-auth | + | <B><font size=2>-xa-, --no-proxy-auth</font></B> |
| - | Do not use Proxy authentication for downloading the virus definition. | + | Do not use Proxy authentication for downloading the virus definition.<br/> |
| - | -xu, --proxy-user | + | <B><font size=2>-xu, --proxy-user</font></B> |
| - | Proxy authentication user name. | + | Proxy authentication user name.<br/> |
| - | -pw, --proxy-passwd | + | <B><font size=2>-pw, --proxy-passwd</font></B> |
| - | Proxy authentication password. | + | Proxy authentication password.<br/> |
| - | -ul, --server-list | + | <B><font size=2>-ul, --server-list</font></B> |
| Use update server(s) instead of default update server (not recommended). | Use update server(s) instead of default update server (not recommended). | ||
| - | Separate multi servers by comma. | + | Separate multi servers by comma.<br/> |
| - | -xs, --use-https | + | <B><font size=2>-xs, --use-https</font></B> |
| - | Use the secure http to download updates. | + | Use the secure http to download updates.<br/> |
| - | -xs-, --use-http | + | <B><font size=2>-xs-, --use-http</font></B> |
| - | Do not use secure http to download updates. | + | Do not use secure http to download updates.<br/> |
| - | -to, --time-out | + | <B><font size=2>-to, --time-out</font></B> |
| - | Set the connection time out (in seconds) for downloading updates. | + | Set the connection time out (in seconds) for downloading updates.<br/> |
| - | -rc, --retries | + | <B><font size=2>-rc, --retries</font></B> |
| Set the retry count in case of connection failure for downloading. | Set the retry count in case of connection failure for downloading. | ||
| - | These options are available to root user only. | + | These options are available to root user only.<br/> |
| - | <B>Schedule Options (for root only)</B> | + | |
| - | -sc, --save-schedule | + | === <font size=3>Schedule Options (for root users login only)</font><br/> === |
| + | These options allows to schedule jobs scanning. These options are available | ||
| + | to root user only.<br/> | ||
| + | <B><font size=2>-sc, --save-schedule</font></B> | ||
| Save the Scheduled Job for scanning. This option requires a parameter | Save the Scheduled Job for scanning. This option requires a parameter | ||
| as UNIQUE job name. Job name must be alphanumeric starting with an alphabet and | as UNIQUE job name. Job name must be alphanumeric starting with an alphabet and | ||
| - | 1 to 10 characters long. | + | 1 to 10 characters long.<br/> |
| - | -min, --minute | + | <B><font size=2>-min, --minute</font></B> |
| - | Schedule job minutes of hour [0-59]. | + | Schedule job minutes of hour [0-59].<br/> |
| - | -hr, --hour | + | <B><font size=2>-hr, --hour</font></B> |
| - | Schedule job hour of day [0-23]. | + | Schedule job hour of day [0-23].<br/> |
| - | -day, --month-day | + | <B><font size=2>-day, --month-day</font></B> |
| - | Schedule job day of month [1-(28/29/30/31)]. | + | Schedule job day of month [1-(28/29/30/31)].<br/> |
| - | -wd, --week-day | + | <B><font size=2>-wd, --week-day</font></B> |
| - | Schedule job day of week [0-6] (0 Sun/1 Mon/.../6 Sat). | + | Schedule job day of week [0-6] (0 Sun/1 Mon/.../6 Sat).<br/> |
| - | -mon, --month | + | <B><font size=2>-mon, --month</font></B> |
| - | Schedule job month of yesk [1-12]. | + | Schedule job month of yesk [1-12].<br/> |
| - | -fq, --frequency | + | <B><font size=2>-fq, --frequency</font></B> |
| - | Schedule job frequency. | + | Schedule job frequency.<br/> |
| 0 once | 0 once | ||
| 1 hourly | 1 hourly | ||
| 2 daily | 2 daily | ||
| 3 monthly | 3 monthly | ||
| - | 4 weekly | + | 4 weekly<br/> |
| - | -ds, --del-schedule | + | <B><font size=2>-ds, --del-schedule</font></B> |
| Delete save scheduled job. This option requires a parameter | Delete save scheduled job. This option requires a parameter | ||
| - | as existing job name. | + | as existing job name.<br/> |
| - | Example: | + | Example:<br/> |
| - | # escan -ds <job name> | + | # escan -ds <job name><br/> |
| - | -do, --delete-old | + | <B><font size=2>-do, --delete-old</font></B> |
| - | Purge all expired/outdated schdules. | + | Purge all expired/outdated schdules.<br/> |
| - | -h, --help | + | |
| - | Print this message and Exit | + | <B>Note:</B><br/> |
| - | Note: | + | |
| All schedules accepts scan and action parameters (except memory scan options), | All schedules accepts scan and action parameters (except memory scan options), | ||
| that will be saved for new job. By default, schedules are saved with the default | that will be saved for new job. By default, schedules are saved with the default | ||
| - | scan options | + | scan options<br/> |
| - | Schedule examples: | + | <B>Schedule examples:</B><br/> |
| To schedule a scanning to run only ONCE on the current date at paritcular time: | To schedule a scanning to run only ONCE on the current date at paritcular time: | ||
| - | # escan -sc job1 -fq 0 -hr 15 -min 30 /home | + | # escan -sc job1 -fq 0 -hr 15 -min 30 /home |
| Above command saves schedule with name job1, that will start scan at | Above command saves schedule with name job1, that will start scan at | ||
| - | 15:30 on current day. | + | 15:30 on current day.<br/> |
| To schedule a scanning to run only ONCE on specified date at particular time: | To schedule a scanning to run only ONCE on specified date at particular time: | ||
| - | # escan -sc job2 -fq 0 -day 1 -mon 10 -hr 15 -min 30 /home | + | # escan -sc job2 -fq 0 -day 1 -mon 10 -hr 15 -min 30 /home |
| Above command saves schedule with name job2, that will start scan at | Above command saves schedule with name job2, that will start scan at | ||
| - | 15:30 on 1st of octobor. | + | 15:30 on 1st of octobor.<br/> |
| To schedule a scanning to run at every HOUR: | To schedule a scanning to run at every HOUR: | ||
| # escan -sc job3 -fq 1 -min 59 /home | # escan -sc job3 -fq 1 -min 59 /home | ||
| Above command saves schedule with name job3, that will start scan at | Above command saves schedule with name job3, that will start scan at | ||
| - | 59th minute of every hour. | + | 59th minute of every hour.<br/> |
| To schedule a scanning to run Daily at a particular: | To schedule a scanning to run Daily at a particular: | ||
| # escan -sc job4 -fq 2 -hr 15 -min 40 /home | # escan -sc job4 -fq 2 -hr 15 -min 40 /home | ||
| Above command saves schedule with name job4, that will start scan at | Above command saves schedule with name job4, that will start scan at | ||
| - | 2:15 every day. | + | 2:15 every day.<br/> |
| To schedule a scanning to run every MONTH: | To schedule a scanning to run every MONTH: | ||
| # escan -sc job5 -fq 3 -day 1 -hr 15 -min 30 /home | # escan -sc job5 -fq 3 -day 1 -hr 15 -min 30 /home | ||
| Above command saves schedule with name job5, that will start scan at | Above command saves schedule with name job5, that will start scan at | ||
| - | 15:30 on 1st of every month. | + | 15:30 on 1st of every month.<br/> |
| To schedule a scanning to run every WEEK: | To schedule a scanning to run every WEEK: | ||
| # escan -sc job6 -fq 4 -wd 3 -hr 15 -min 30 /home | # escan -sc job6 -fq 4 -wd 3 -hr 15 -min 30 /home | ||
| Above command saves schedule with name job5, that will start scan at | Above command saves schedule with name job5, that will start scan at | ||
| - | 15:30 on every Wednesday. | + | 15:30 on every Wednesday.<br/> |
| - | + | ||
| - | <B>Help Options</B> | + | </div> |
| - | -h,--help | + | === <font size=3>Help Options</font><br/> === |
| + | <B><font size=2>-h,--help</font></B><br/> | ||
| + | Print this help message and Exit<br/> | ||
Current revision
| · eScan · MailScan · Technologies | · Technical Info · Security Awareness · User Guides |
| Command-Line Parameters for Manual scanning |
|
Contents |
[edit]
Info
To scan a system from the Command-line using the terminal, run the following command
# escan [OPTIONS]... [OBJECT]...
This command will scan and clean directories for viruses and other malwares.
The manual for escan can be accessed using command
#man escan
The command-line option is available in eScan for Linux Desktop and
eScan for Linux File Servers
[edit]
Synopsis
escan [OPTIONS]... [OBJECT]...
[edit]
Options
[edit]
Scan Actions
These option defines the action to be taken in case of any infected object found by
scanner.
-ly, --log-only
Only Report infection found / detected in the scanned log. No action on infected
files.
-dl, --disinfect-log
Will try to Disinfect, if not possible shall Report infection found / detected
in the scanned log.
-dd, --disinfect-delete
Will try to Disinfect, if not possible shall delete the infected object.
-dq, --disinfect-quarantine
Will try to Disinfect, if not possible shall quarantine (Default) the infected
object.
-dr, --disinfect-rename
Will try to Disinfect, if not possible shall rename the infected object.
-dp, --disinfect-prompt
Will try to Disinfect, if not possible shall prompt for the action to be taken on
the infected object.
Following Actions will be prompted:
Do Nothing
Delete
Quarantine
Rename
Cancel Scan
-di, --delete-infected
Will Delete the Infected object.
-ri, --rename-infected
Will Rename the Infected object.
-qi, --quarantine-infected
Will Quarantine the Infected object.
-pr, --prompt
Will Prompt for an Action to be taken on the infected object without trying to
disinfect it.
-qp, --quarantine-path*
Sets the Quarantine Path for the infected object. It sets action as quarantine.
While setting Quarantine Path, make sure that user has write permission to
directory.
Example
# escan -qp /var/MicroWorld/var/quarantine/escan
-re, --rename-extension*
Renames infected file with this extension. Extension must be alphanumeric string
starting with alphabet and 1 to 5 characters long. Please do not put dot (’.’)
before extension value.
Example
# escan -re mwt
NOTE:Quarantine path and Rename extension Parameters are descarded, if action is
set as ’prompt’. In that case default qurantine path
’/var/MicroWorld/var/quarantine/escan’ and default rename extension ’.mwt’
will be used.Also, provide only one of -qp or -re, otherwise both the parameters
will be ignored and default values will be used.
[edit]
Recursion Options
These option defines the objects and sub-objects to be scanned during scanning.
-rr, --recursion Will Scan files in the Directories and in the Sub-Directories recursively. By default this option is enabled.
-rr-, --no-recursion Will scan only the files in the directory of subject to scan without following any sub-directory in the path.
-lk-, --no-symlink While scanning the object(s), any symbolic link in the path will be will not be followed and will be ignored. By default, all symbolic link scanning is disabled.
-lk, --all-symlink While scanning the object(s), any symbolic link in the path will be resolved and will be scanned.
-cr-, --no-cross-fs While resolving the symbolic link in scan path or object, if any object is found on other device (physical device or logical file system), the object will be ignored and path will not be followed. By default, any cross file system scanning is diabled.
-cr, --cross-fs While resolving the symbolic link in scan path or object, if object(s) is/are foundon other device, the path will be followed for scanning.
[edit]
Scan Options
These option defines the types of objects to be scanned during scanning.
-m0, --mem-scan-only In current scan session, scan memory for any virus(es).
-m, --mem-scan For every scan, memory will be scanned before performing any other scanning. By defualt, memory is set to scan at every scan session startup.
-m-, --no-mem-scan Disbale all memory scan at scan session startup.
-au, --auto-update At every scan session startup, update virus definition database, before scanning.
-pk, --pack Scan packed files on scan path.
-pk-, --no-pack Do not scan any packed files on scan path.
-ac, --archives Scan archived files on scan path.
-ac-, --no-archives Do not scan archived files on scan path.
-db, --mails Scan plain mails & mail database files on scan path.
-db-, --no-mail Do not scan plain mails & mail database files on scan path.
-hu, --heuristic Perform heuristic checks for any suspected pattern of unknown virus(es) in object(s).
-hu-, --no-heuristic Do perform heuristic checks for suspected pattern of unknown virus(es).
-sx, --scan-ext Scan file(s) having defined extension(s). Seperate multiple extensions by ’,’.
Example:
To scan files having extensions exe # escan -sx exe /home
To scan files having extensions exe or com # escan -sx exe,com /home
-xx, --exclude-ext Exclude file(s) having defined extension(s) on scan path. Seperate multiple extensions by ’,’.
Example:
To exclude files having extension exe type # escan -xx exe /home
To exclude files having extension exe, com type # escan -xx exe, com /home
NOTE: By default, all files with extension ’.mwt’ will be exclude, if not explicitly declared in scan extension list.
-xd, --exclude-dirs Exclude directory(ies) on scan path. Seperate multiple directories by ’,’.
Example:
To exclude the /var directory from scanning # escan -xd /var /
To exclude the /var and /opt directory from scanning # escan -xd /var,/opt /
-dh, --max-depth While performing recursive scanning, it allows scanner to follow the defined number of depth only. This option is ignored, if recursive scanning is disabled.
Example:
To scan upto 2 level of depth while scanning /home # escan -dh 2 /home
-ms, --max-size As larger files takes more time to scan, exclude the larger file(s) by providing this option. suffix the size parameter with ’b’ for byte / ’k’ for kilo-bytes / ’m’ for mega-bytes. If no suffix is provides, scanner assumes the size parameter in KB.
Example:
To exclude files larger than 5 MB # escan -mx 5m /home
[edit]
General Options
These option defines the types of logging during scanning and other general options.
-v, --version Display the MicroWorld eScan version inforamtion(s).
y0, --display-none Do not display any output on the terminal while scan is in progress.
-ym, --display-minimum Display Minimum output on terminal. Only initialization alert, scan configuration and scan result statistics will be printed.
-yi, --display-infected In addition to above information, all infection and action details will be printed to terminal.
-y, --display-all Display eveything on terminal.
-l, --log-path Will set the scan log file path. eScan creates escan directory in log directory to differentiate escan log from other logs.
-l0, --no-log Do not log any thing. No log file will be created.
-lm, --log-minimum Log Minimum infomation. Only initialization alert, scan configuration and scan result statistics will be printed.
-li, --log-infections In addition to above information, all infection and action details will be printed in log file.
-la, --log-all Log everything.
-ss, --save-settings Save the provided scan setting as default settings before scanning.
-so, --save-only Save the provided scan setting as default settings and exit without scanning.
-G, --restore-global This option is available to non-root user’s only. All user (except root) has their own default settings configuration saved. This option reset the user’s default settings with the Global settings (root’s settings).
-ui, --av-info Display the AV engine version, last virus signature update date and virus signature count and exit.
[edit]
Update Options (for root users login only)
These option defines the settings to download the eScan AV updates from the internet.
These options are available to root user only.
-u, --update Start downloading the latest virus definitions.
-x, --use-proxy Use Proxy for downloading the updates from internet.
-x-, --no-proxy Do not use the Proxy for downloading the updates from internet.
-xi, --proxy-ip IP Address of the Proxy Server.
-xt, --proxy-port Port of the Proxy Server
Example:
To download the Virus defination using the proxy setting # escan -u -xi 192.168.0.25 -xt 8080
-xa, --use-proxy-auth Use the Proxy authentication for downloading the virus definition.
-xa-, --no-proxy-auth Do not use Proxy authentication for downloading the virus definition.
-xu, --proxy-user Proxy authentication user name.
-pw, --proxy-passwd Proxy authentication password.
-ul, --server-list Use update server(s) instead of default update server (not recommended). Separate multi servers by comma.
-xs, --use-https Use the secure http to download updates.
-xs-, --use-http Do not use secure http to download updates.
-to, --time-out Set the connection time out (in seconds) for downloading updates.
-rc, --retries Set the retry count in case of connection failure for downloading. These options are available to root user only.
[edit]
Schedule Options (for root users login only)
These options allows to schedule jobs scanning. These options are available
to root user only.
-sc, --save-schedule
Save the Scheduled Job for scanning. This option requires a parameter
as UNIQUE job name. Job name must be alphanumeric starting with an alphabet and
1 to 10 characters long.
-min, --minute
Schedule job minutes of hour [0-59].
-hr, --hour
Schedule job hour of day [0-23].
-day, --month-day
Schedule job day of month [1-(28/29/30/31)].
-wd, --week-day
Schedule job day of week [0-6] (0 Sun/1 Mon/.../6 Sat).
-mon, --month
Schedule job month of yesk [1-12].
-fq, --frequency
Schedule job frequency.
0 once
1 hourly
2 daily
3 monthly
4 weekly
-ds, --del-schedule
Delete save scheduled job. This option requires a parameter
as existing job name.
Example:
# escan -ds <job name>
-do, --delete-old
Purge all expired/outdated schdules.
Note:
All schedules accepts scan and action parameters (except memory scan options),
that will be saved for new job. By default, schedules are saved with the default
scan options
Schedule examples:
To schedule a scanning to run only ONCE on the current date at paritcular time:
# escan -sc job1 -fq 0 -hr 15 -min 30 /home
Above command saves schedule with name job1, that will start scan at
15:30 on current day.
To schedule a scanning to run only ONCE on specified date at particular time:
# escan -sc job2 -fq 0 -day 1 -mon 10 -hr 15 -min 30 /home
Above command saves schedule with name job2, that will start scan at
15:30 on 1st of octobor.
To schedule a scanning to run at every HOUR:
# escan -sc job3 -fq 1 -min 59 /home
Above command saves schedule with name job3, that will start scan at
59th minute of every hour.
To schedule a scanning to run Daily at a particular:
# escan -sc job4 -fq 2 -hr 15 -min 40 /home
Above command saves schedule with name job4, that will start scan at
2:15 every day.
To schedule a scanning to run every MONTH:
# escan -sc job5 -fq 3 -day 1 -hr 15 -min 30 /home
Above command saves schedule with name job5, that will start scan at
15:30 on 1st of every month.
To schedule a scanning to run every WEEK:
# escan -sc job6 -fq 4 -wd 3 -hr 15 -min 30 /home
Above command saves schedule with name job5, that will start scan at
15:30 on every Wednesday.
[edit]
Help Options
-h,--help
Print this help message and Exit
