Best Practices Guide McAfee VirusScan Enterprise for Linux 1.7.0


COPYRIGHT

Copyright © 2012 McAfee, Inc. Do not copy without permission.

TRADEMARK ATTRIBUTIONS

McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee Artemis, McAfee CleanBoot, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, McAfee Enterprise Mobility Management, Foundscore, Foundstone, McAfee NetPrism, McAfee Policy Enforcer, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, SmartFilter, McAfee Stinger, McAfee Total Protection, TrustedSource, VirusScan, WaveSecure, WormTraq are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others.

LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.


Contents

1 Introduction
    Features
2 Hardware and software requirements
3 Pre-installation instructions
    Standalone machine
    Managed using ePolicy Orchestrator
4 Post-installation instructions
    Standalone machine
        Testing On-access scanning
        Testing On-demand scanning
    Managed using ePolicy Orchestrator
        Testing On-demand scanning
        Details of managed nodes
        Configuring policies
        Default Queries
5 Product Configurations
    Scanning policies
        On-access policy
        On-demand policy
    On-demand scanning
    Anti-virus exclusions
    Recovering quarantined items
    Run-time kernel modules
    Third-party software coexistence
6 Tips and Tricks
7 KnowledgeBase articles


1 Introduction

McAfee VirusScan Enterprise for Linux delivers always on, real-time anti-virus protection for Linux environments. Its unique, Linux-based on-access scanner constantly monitors the system for potential attacks.

McAfee VirusScan Enterprise for Linux protects the Linux servers and desktops from viruses, Trojan horses, potentially unwanted programs, and other malware.

Features

This section describes the product features for the McAfee VirusScan Enterprise for Linux software.

Features include:

• Run‑time Kernel Module Support.

• Support for the following Cluster services:

    • Novell Cluster Services (NCS)

    • Corosync OCFS2 File System Cluster

    • Red Hat GFS2 Clustering File System

• Support for auditing subsystem.

• Support for SAN and NAS.

• Integration with Anti‑virus Engine version 5400.

• Integration with McAfee Agent (MA) version 4.5 Patch 2, 4.6 and 4.6.1.

• Integration with McAfee ePolicy Orchestrator (ePO) version 4.5.x, 4.6 and 4.6.1.

• Enhanced File System support for on-access scanning. Refer to the KnowledgeBase article KB73344.

• Default queries in ePolicy Orchestrator for compliance and threat event reports.

• SMTP Notification mechanism.

• History of critical events such as malware detections, on-demand scanning and DAT/Engine updates.

• Support for on‑demand and scheduled scan tasks simultaneously.

• Web‑based interface to manage the software from anywhere.

• Mod‑versioning for automatic kernel support.

• Regular-Expression based exclusions for on-access scan and on-demand scan from the user interface.


2 Hardware and software requirements

The following hardware and software are required:

Supported operating systems (32‑bit/64‑bit)

• SuSE Linux Enterprise Server/Desktop 10.x

• SuSE Linux Enterprise Server/Desktop 11.x

• Red Hat Enterprise 5.x Advanced Platform, Desktop

• Red Hat Enterprise 6.x Server, Workstation, Client

• Novell Open Enterprise Server 2.x

• CentOS 5.x

• CentOS 6.x

• Ubuntu 10.04, 10.10 and 11.04 (Desktop/Server edition)

Supported kernels

• McAfee VirusScan Enterprise for Linux v1.7 supports all kernels available on the supported distributions.

Supported processors

• Intel x86 architecture‑based processor

• Intel x86_64 architecture-based processor that supports Intel Extended Memory 64 Technology (Intel EM64T)

• AMD x86_64 architecture‑based processor with AMD 64‑bit technology

Memory

• Minimum: 2 GB

• Recommended: 4 GB

Free Disk space

• Minimum: 1 GB

Supported browsers

• Microsoft Internet Explorer 5.5, 6.0, 7.0 and 8.0

• Konqueror 3.5.1, 4.1.3, 4.2.x, and 4.3.x


• Mozilla 0.9.9, 1.0.1, 1.2.1, 1.4, 1.6, 1.7.8, 1.8.x, and 1.9.x

• Firefox 1.0, 1.5, 2.0, 3.0, 3.5, 3.6, 4.0, 5.0, and 6.0

Supported McAfee Management software

• McAfee ePolicy Orchestrator 4.5

• McAfee ePolicy Orchestrator 4.6

Supported McAfee Agent software

• McAfee Agent 4.5 Patch 2

• McAfee Agent 4.6

Display

Monitor screen with a recommended minimum resolution of 1024 x 768.


3 Pre-installation instructions

This chapter covers the pre-installation requirements and the list of actions you must follow as a best practice before installing McAfee VirusScan Enterprise for Linux.

Contents

• Standalone machine

• Managed using ePolicy Orchestrator

Standalone machine

This section provides a list of actions you must perform before installing McAfee VirusScan Enterprise for Linux. This is applicable only when the suite is installed on a machine in unmanaged mode.

• Make sure the system meets the minimum hardware and software requirements for installing McAfee VirusScan Enterprise for Linux. Refer to the Hardware and software requirements section.

• You must have root or sudo privileges to install McAfee VirusScan Enterprise for Linux. This account must be part of the sudo users so that you can authenticate the credentials during product installation.

• If you are installing McAfee VirusScan Enterprise for Linux on Open Enterprise server, you must create a user nails and group nailsgroup in your e-directory and enable LUM (Linux User Management) for them. Provide the nails user with administrative privileges on all the NSS volumes. For more information, refer to the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide.

• If you are installing VirusScan Enterprise for Linux on a 64-bit RHEL 6.x system, ensure that the 32-bit RHEL 6.x PAM libraries are also installed.

• If you are installing VirusScan Enterprise for Linux on a 64-bit Ubuntu system, ensure that 32-bit Ubuntu libraries are also installed. Refer to the following KnowledgeBase article for more details: https://kc.mcafee.com/corporate/index?page=content&id=KB71201

• If you are installing VirusScan Enterprise for Linux on an Ubuntu system, make sure to run the installer script using bash shell.

• Remove any previous versions of VirusScan Enterprise for Linux product prior to the LinuxShield version 1.5.1, before installing this version.

• Make sure that there are no third‑party anti‑virus products installed on your machine.


Managed using ePolicy Orchestrator

This section provides a list of actions you must perform before deploying McAfee VirusScan Enterprise for Linux using McAfee ePolicy Orchestrator version 4.5.x or 4.6.x.

• Use administrator credentials for the ePolicy Orchestrator service.

• Make sure that McAfee Agent is checked‑in to ePolicy Orchestrator's repository.

• Make sure the McAfee Agent extensions are checked‑in to ePolicy Orchestrator.

• You can directly deploy McAfee Agent from ePO 4.6.x by clicking on the New Systems tab and pushing the non-windows agent to the Linux client.

• Make sure the system meets the minimum hardware and software requirements for installing McAfee VirusScan Enterprise for Linux. Refer to the Hardware and software requirements section.

• To deploy McAfee VirusScan Enterprise for Linux with customized settings, copy the nails.options file to the /root and / directories on your Linux client system. To know how to create the nails.options file, refer to the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide.

• If you are installing McAfee VirusScan Enterprise for Linux on Open Enterprise server, you must create a user nails and group nailsgroup in your e-directory and enable LUM (Linux User Management) for them. Provide the nails user with administrative privileges on all the NSS volumes. For more information, refer to the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide.

• Remove any previous versions of VirusScan Enterprise for Linux product prior to the LinuxShield version 1.5.1, before installing this version.

• Copy the install.sh file from ePolicy Orchestrator to your Linux clients using SCP, FTP or by downloading the install.sh from a browser onto your Linux client. For more instructions on how to download the file, refer to the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide.

If you are using FTP to copy the install.sh file, ensure that you copy the file in binary mode.

• Make sure that there are no third‑party anti‑virus products installed on your machine.


4 Post-installation instructions

This chapter provides instructions on what you need to verify after installing McAfee VirusScan Enterprise for Linux. This chapter has specific post-installation instructions based on whether it is a standalone installation or managed using ePolicy Orchestrator.

Contents

• Standalone machine

• Managed using ePolicy Orchestrator

Standalone machine

This section provides you information on what you need to verify after installing the software on a standalone machine.

After installing McAfee VirusScan Enterprise for Linux, you must verify if the following functionalities are working properly:

• On‑access scanning

• On‑demand scanning

To verify On-access scan and On-demand scan, we will use the EICAR test file. The EICAR test file is a file developed by the European Institute for Computer Antivirus Research to test the response of computer anti-virus programs.

Before you begin testing, make sure that McAfee VirusScan Enterprise for Linux is updated with the latest DATs.

Testing On-access scanning

Use this task to verify on-access scanning on a standalone machine.

Ensure On-Access scanning is disabled in McAfee VirusScan Enterprise for Linux On-Access settings.

Task

1 From a web-browser, go to: https://<Linux client IP address>:55443

2 Log on with the user name and password provided during installation.

3 Click On‑Access Settings, then Edit.

4 Deselect Enable On‑Access scanning and click Apply.

5 From your browser, go to: http://eicar.org.

6 Click ANTI-MALWARE TESTFILE and follow the instructions mentioned in The Anti-Malware Testfile section to create the test file on the desktop.


7 Enable On‑Access scanning from On‑access settings of the software.

8 Try copying the eicar file downloaded to your Linux client's desktop to /tmp.

You can see that the file is not copied to the target directory and is missing from the desktop. The file gets quarantined and, from the Host Summary section in the user interface, you can see one item as a detected item.

Testing On-demand scanning

Use this task to verify on-demand scanning on a standalone machine.

Ensure On-access scanning is disabled in McAfee VirusScan Enterprise for Linux On-access settings by following the steps mentioned in the above section.

Task

1 From your browser, go to: http://eicar.org.

2 Click ANTI-MALWARE TESTFILE and follow the instructions mentioned in The Anti-Malware Testfile section, to create the test file on the desktop.

3 From the VirusScan Enterprise for Linux user interface, click Schedule Tasks.

4 Create a new on‑demand scan task to scan the downloaded file immediately.

5 Once the scan is complete, see the results of the scan.

You can see that the eicar test virus is detected in the scan results. You can also view these results from the Detected Items and System Events pages.

Managed using ePolicy Orchestrator

After deploying McAfee VirusScan Enterprise for Linux on managed nodes, you can verify the on-demand scanning and the details of managed nodes, along with the other tests in the previous section.

You can also enforce policies to verify the reports on ePolicy Orchestrator server or the managed nodes.

Testing On-demand scanning

Use this task to verify on-demand scanning using ePolicy Orchestrator.

To test on-demand scanning, download an EICAR test file on the Linux client after disabling On-access scan, then schedule an on-demand scan to run immediately. Refer to the McAfee VirusScan Enterprise for Linux — Configuration Guide for instructions on scheduling on-demand scan tasks using ePolicy Orchestrator.

Details of managed nodes

You can verify the details of managed nodes in System Tree by clicking on it in ePolicy Orchestrator.

Configuring policies

For instructions on configuring and enforcing policies, refer to the McAfee VirusScan Enterprise for Linux 1.7 — Configuration Guide. To verify the On-access and On-demand scanning events, you can check in Reports, for which you need to install the report extensions of McAfee VirusScan Enterprise for Linux 1.7 on ePolicy Orchestrator.


Default Queries

This section provides details on the default queries. McAfee ePolicy Orchestrator has its own querying and reporting capabilities. When the VirusScan Enterprise for Linux reports extension is installed into ePolicy Orchestrator, it provides a set of default queries. However, you can create a new query, edit, and manage all the queries related to McAfee VirusScan Enterprise for Linux.

By default there are two VirusScan Enterprise for Linux queries.

Table 4-1 VirusScan Enterprise for Linux — Default queries

Query: VSEL: VirusScan Enterprise for Linux Compliance
Description: Shows a graphical display of the compliant and non-compliant Linux systems in the network. When you run this query, you should see the VirusScan Enterprise for Linux machine showing up in the report.

Query: VSEL: VirusScan Enterprise for Linux Threats
Description: Shows a graphical display of the threat summary and action taken on all Linux systems in the network.


5 Product Configurations

This chapter provides recommendations for configuring the On-access and On-demand scanning policies, anti-virus exclusions, recovering quarantined items, run-time kernel modules and third-party software coexistence on McAfee VirusScan Enterprise for Linux 1.7 software.

For more information on how to configure the product, please refer to the McAfee VirusScan Enterprise for Linux 1.7 — Product Guide.

Contents

• Scanning policies

• On-demand scanning

• Anti-virus exclusions

• Recovering quarantined items

• Run-time kernel modules

• Third-party software coexistence

Scanning policies

This section provides recommendations for on-access and on-demand scanning policies.

On-access policy

Here are the best practices for configuring on-access policies. However, this can vary as per your requirements.

The following configuration identifies and eliminates viruses and other malicious programs from being copied or written to your Linux Machines in real-time.

• Disable the Scan files on network mounted volumes option. Enable this option only if you cannot install McAfee anti-virus solution on your network servers.

• Enable the Quarantine option always as a secondary action for virus detections, so that you can retrieve the files from the quarantine folder later if required. See the Recovering quarantined items section on how to retrieve quarantined files.

• Set the Action if scan error occurs option to Deny access in On-access settings.

• Disable Decompress archives to increase performance.


On-demand policy

Here are the best practices for configuring on-demand policies. However, this can vary as per your requirements.

The following configuration identifies and eliminates viruses and other malicious programs on your Linux Machines when scheduled or on-demand scanning runs on the client system.

• Always enable the Decompress archives option to scan inside the archives and compressed files.

• Select the Quarantine option always as secondary action for virus and spyware detections, so that you can retrieve the files from the quarantine folder later if required.

On-demand scanning

This section describes the best practices for scheduling on-demand scans to improve performance.

Scheduling scans

• Schedule on-demand scans during non-peak hours such as weekends, during the maintenance period or when DAT/Engine updates are not running.

• When scheduling an on-demand scan for the first time, schedule a full on-demand scan for local volumes.

• Make sure to exclude network volumes, if you do not want to scan them explicitly.

Update

Ensure that at least 500 MB of memory is free before a DAT Update, as DAT needs a significant amount of memory.

Anti-virus exclusions

This section provides recommendations for Anti-virus exclusions. McAfee suggests these for better performance; however, you can tweak these exclusions based on your requirements.

This version supports regular expression based exclusions for Anti-malware. You can add regular expressions that match the required pattern to exclude multiple files and folders from being scanned.

Some of the recommended exclusions are for:

• Oracle database files

• /opt/oracle/.*.dbf (if oracle is installed under /opt)

• /opt/oracle/.*.ctl (if oracle is installed under /opt)

• /opt/oracle/.*.log (if oracle is installed under /opt)

• Evolution data files

• Thunderbird data files

• Encrypted files

• /var/log for on‑access scan

• /quarantine and /proc for on‑demand scan

• JAR files for on‑access scan


• Archive files for on‑access scan

• DTX files for on‑access scan

• WAR files

• Exclusion of /media/nss/<VOLUME_NAME>/._NETWARE and /media/nss/<VOLUME_NAME>/._ADMIN in case of Open Enterprise Server

The following are a few examples of regular expressions you can use for different patterns.

Table 5-1 Regular Expression Examples

To exclude...                                                             Use...
All files starting with abc available in /media/nss                       /media/nss/abc.*
All files starting with "." under /media/nss                              /media/nss/..*
All files with extensions ext and abc under /media/nss                    /media/nss/.*.(ext|abc)
All users mailbox folders                                                 /home/.*/mailbox/.*
All files and folders that begin with abc in the machine                  .*/abc.*
Files with extension mdb                                                  .*.mdb
Files with extension either mdb or odc                                    .*.(mdb|odc)
Files with extension jar or rar or war under /opt                         /opt/.*..+ar
All files under /tmp starting with an alphabet and ending with a number   /tmp/([A-Z]|[a-z]).*[0-9]$
All users mailbox folders recursively                                     /home/.*/mailbox/.*
All files ending with abc, abcc, abcccc                                   .*abc{1,}

Using regular expressions from ePolicy Orchestrator

• You should include "/" as the first character. For example, to exclude all files and folders starting with abc in the machine use the regular expression: /.*/abc.*

• Ensure that there are no escape sequences included in the regular expression. For example: From ePolicy Orchestrator, to exclude all files starting with "." under /media/nss use the regular expression: /media/nss/..*
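
The patterns in Table 5-1 and in the ePolicy Orchestrator rules above use an unescaped ".", which in a regular expression matches any character, so an exclusion can cover more files than its description says. The script below is an added example, not McAfee code: it checks patterns from this section against constructed sample paths, assuming POSIX extended regex semantics applied to the whole path (grep -E -x stands in for the product's matcher) and assuming that a bracket expression [.] is accepted as a literal dot without an escape sequence.

```sh
#!/bin/sh
# Added example (not McAfee code): check exclusion regexes against labelled
# sample paths before deploying them.
# Assumptions: the scanner applies POSIX extended regex semantics to the whole
# path (grep -E -x stands in for its matcher), and [.] is accepted as a
# literal dot. All sample paths below are constructed.

# is_excluded PATTERN PATH: succeeds when PATTERN matches the whole PATH.
is_excluded() {
    printf '%s\n' "$2" | grep -E -x -q -e "$1"
}

# audit_exclusion PATTERN: reads "skip <path>" / "scan <path>" lines on stdin.
#   skip = path the exclusion is meant to cover
#   scan = path that must stay scanned
# Prints OVERBROAD for scan paths the pattern excludes and MISSED for skip
# paths it does not cover. Prints nothing when the pattern behaves as intended.
audit_exclusion() {
    ae_pattern=$1
    while read -r ae_want ae_path; do
        [ -n "$ae_path" ] || continue
        if is_excluded "$ae_pattern" "$ae_path"; then
            if [ "$ae_want" = scan ]; then printf 'OVERBROAD %s\n' "$ae_path"; fi
        elif [ "$ae_want" = skip ]; then
            printf 'MISSED %s\n' "$ae_path"
        fi
    done
    return 0
}

# Constructed paths for the Oracle data file exclusion.
oracle_samples() {
    cat <<'EOF'
skip /opt/oracle/oradata/users01.dbf
scan /opt/oracle/upload/notadbf
scan /opt/oracle/upload/report.pdf
EOF
}

# Constructed paths for the "jar or rar or war under /opt" exclusion.
opt_archive_samples() {
    cat <<'EOF'
skip /opt/app/lib/tool.jar
skip /opt/app/site.war
scan /opt/app/calendar
scan /opt/app/backup.tar
EOF
}

demo() {
    echo "As written in this guide: /opt/oracle/.*.dbf"
    oracle_samples | audit_exclusion '/opt/oracle/.*.dbf'
    echo "Literal dot via bracket:  /opt/oracle/.*[.]dbf"
    oracle_samples | audit_exclusion '/opt/oracle/.*[.]dbf'
    echo "As written in this guide: /opt/.*..+ar"
    opt_archive_samples | audit_exclusion '/opt/.*..+ar'
    echo "Literal dot, named types: /opt/.*[.](j|r|w)ar"
    opt_archive_samples | audit_exclusion '/opt/.*[.](j|r|w)ar'
}

demo
```

An OVERBROAD line marks a file that would never be scanned under that exclusion, so resolve it before the pattern goes into an on-access or on-demand policy.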

Recovering quarantined items

This section provides information on listing and recovering quarantined items. Remember that you need to have root privileges to run these commands. McAfee suggests recovering quarantined items only after consulting McAfee Labs.

To list the quarantined items on a Linux machine

1 From the terminal, log in as root.

2 Run the following command:

/opt/NAI/LinuxShield/bin/nails quarantine --list

This will list all the quarantined items on your machine. For example, if a file named file1 under the /tmp directory is quarantined, running the above command shows the following output, where X is a random number:

/quarantine/QXXX.XXXXXX.XXXXX.XXX.meta: /tmp/file1


To recover a particular quarantined item

1 From the terminal, log in as root.

2 Run the following command:

/opt/NAI/LinuxShield/bin/nails quarantine -recover <meta-file path> <destination-file>

For example, if you want to recover file1, which is listed as a quarantined item, you need to run the command as:

/opt/NAI/LinuxShield/bin/nails quarantine -recover /quarantine/QXXX.XXXXXX.XXXXX.XXX.meta /tmp/file1

This will restore file1 into the /tmp directory.

Run-time kernel modules

This feature provides automatic support for new kernels released by the distribution vendors, without any downtime in On-access scanning. McAfee VirusScan Enterprise for Linux kernel modules will be created dynamically in case of a mod-version failure.

• You must have developer utilities such as make or gcc installed on your machine along with the kernel headers package of the current kernel. If mod-versioning fails during nails service start, the kernel modules get compiled dynamically and the on-access scanner gets enabled.

• If developer utilities are not installed on your production server, you can compile the kernel modules on a staging server and run the export command to archive the kernel modules. Import the kernel modules on to your production server by running the import command. For more information, please refer to the McAfee VirusScan Enterprise for Linux 1.7 — Product Guide.

• Ensure that the kernel sources/headers and developer tools are installed on the computer. If the kernel sources/headers are installed in a non-default location, set the KERNEL_HEADER_LOCATION environment variable before compilation.

• You can check if the compiled or imported kernel modules are working properly by executing the command: /opt/NAI/LinuxShield/bin/khm_setup -t

To view the logs, go to: /opt/NAI/LinuxShield/src/log
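
A pre-flight check for the prerequisites listed above, as an added example that is not McAfee code. The function name khm_missing is hypothetical, and the default header path <modules root>/<release>/build is the usual Linux layout, assumed here because the guide does not state where the product looks when KERNEL_HEADER_LOCATION is unset.

```sh
#!/bin/sh
# Added example (not McAfee code): pre-flight check for run-time kernel module
# compilation, following the prerequisites listed in this section.
# Assumption: when KERNEL_HEADER_LOCATION is unset, headers are expected at
# <modules-root>/<release>/build (usual Linux layout, not stated by the guide).

# khm_missing RELEASE [MODULES_ROOT]
# Prints one line per missing prerequisite; prints nothing when all are met.
khm_missing() {
    khm_release=$1
    khm_root=${2:-/lib/modules}

    # Developer utilities named in the guide.
    for khm_tool in make gcc; do
        command -v "$khm_tool" >/dev/null 2>&1 ||
            printf 'missing tool: %s\n' "$khm_tool"
    done

    # Headers must belong to the kernel that is running, not just any kernel.
    khm_headers=${KERNEL_HEADER_LOCATION:-$khm_root/$khm_release/build}
    if [ ! -d "$khm_headers" ]; then
        printf 'missing headers: %s\n' "$khm_headers"
        # Hint: list releases that do have a build tree, the typical state
        # after a kernel update without the matching headers package.
        for khm_dir in "$khm_root"/*/build; do
            [ -d "$khm_dir" ] || continue
            khm_other=${khm_dir%/build}
            printf 'headers present for other kernel: %s\n' "${khm_other##*/}"
        done
    elif [ ! -f "$khm_headers/Makefile" ]; then
        printf 'incomplete headers (no Makefile): %s\n' "$khm_headers"
    fi
    return 0
}

# Typical use on the host that will compile the modules:
#   khm_missing "$(uname -r)"
```

Run it on the staging server as well when modules are compiled there and exported, since the headers have to match the kernel release the production server runs.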

Third-party software coexistence

• VirusScan Enterprise for Linux does not support coexistence with backup software such as ArcServe, Cava Agent, bacula backup software and so on. Hence McAfee recommends that you exclude directories or files associated with it.

• There are a few compatibility issues between McAfee VirusScan Enterprise for Linux and McAfee Solidcore. Please refer to the following KnowledgeBase articles for the resolution of these issues.

• https://kc.mcafee.com/corporate/index?page=content&id=KB70194

• https://kc.mcafee.com/corporate/index?page=content&id=KB70857

You can also log on to https://kc.mcafee.com and search using the KB article number.


6 Tips and Tricks

This chapter provides you more information on the tips and tricks which can be helpful when you use the McAfee VirusScan Enterprise for Linux software.

• You can deploy the McAfee VirusScan Enterprise for Linux from ePolicy Orchestrator (ePO) with customized settings. For this you need to copy the nails.options file to the /root and / directories on your Linux client system. For more details, refer to the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide.

• VirusScan Enterprise for Linux provides an advanced logging option, which is recommended to be enabled while troubleshooting specific issues. These settings however can only be enabled from the endpoint's user interface. The settings are Detail logging level, Additional log to syslog, Detail syslog level, Limit age of log entries, and Maximum age of log entries, which can be tweaked from the product's user interface.

• In a managed mode (ePO), the status of scheduled tasks is not reported back to ePO. In such cases setting up SMTP email notifications can monitor this. Users will get the email notification if the DAT is out-of-date, malware is detected on the system, and notification based on error codes including system events on the user's email id.

• By default, VirusScan Enterprise for Linux uses the system PAM (Pluggable Authentication Modules) configuration in the Web Manager for authentication. In some instances, the system PAM settings might use external authentication modules that are not compatible with VirusScan Enterprise for Linux. Refer to the following KnowledgeBase article to know how to configure PAM, so that VirusScan Enterprise for Linux can authenticate in the Web Manager: https://kc.mcafee.com/corporate/index?page=content&id=KB70568


7 KnowledgeBase articles

This chapter specifies the various KnowledgeBase articles related to the McAfee VirusScan Enterprise for Linux software. Before you run into any issues with the software, verify if the issue is already available in the McAfee KnowledgeBase homepage.

Accessing McAfee KnowledgeBase

1 From your web‑browser, go to: https://kc.mcafee.com.

2 Under Ask a Question, specify the KB article number or the topic title.

Table 7-1 McAfee VirusScan Enterprise for Linux — KB articles

KB article#   Title
KB73036       VirusScan Enterprise for Linux 1.7 DAT update fails on 64-bit Ubuntu installations
KB73043       VSEL 1.7 causes a kernel panic when Ubuntu runs as an NFS Client and Server at the same time
KB73087       VirusScan Enterprise for Linux 1.7 authentication fails after an OS upgrade
KB73205       Unable to reboot server in a Corosync cluster environment with Virus Scan for Linux running
KB73322       VirusScan for Linux 1.7 installation fails when installing via the Dash Shell in Ubuntu
KB70568       How to configure PAM for Virus Scan Enterprise for Linux manager authentication
KB70857       Can VirusScan Enterprise for Linux co-exist with Solid core products?
KB72999       How to determine if a Linux Server is supported by VSEL 1.7
