Escolar Documentos
Profissional Documentos
Cultura Documentos
LinuxShield
version 1.5.1
COPYRIGHT
Copyright 2008 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.
TRADEMARK ATTRIBUTIONS
ACTIVE FIREWALL, ACTIVE SECURITY, ACTIVESECURITY (AND IN KATAKANA), ACTIVESHIELD, CLEAN-UP DESIGN (STYLIZED E), DESIGN , (STYLIZED N), ENTERCEPT, EPOLICY ORCHESTRATOR, FIRST AID, FOUNDSTONE, GROUPSHIELD, GROUPSHIELD (AND IN KATAKANA), INTRUSHIELD, INTRUSION PREVENTION THROUGH INNOVATION, MCAFEE, MCAFEE (AND IN KATAKANA), MCAFEE AND DESIGN, MCAFEE.COM, MCAFEE VIRUSSCAN, NET TOOLS, NET TOOLS (AND IN KATAKANA), NETSCAN, NETSHIELD, NUTS & BOLTS, OIL CHANGE, PRIMESUPPORT, SPAMKILLER, THREATSCAN, TOTAL VIRUS DEFENSE, VIREX, VIRUS FORUM, VIRUSCAN, VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN, WEBSHIELD, WEBSHIELD (AND IN KATAKANA) are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. The color red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
Attributions
This product includes or may include: Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). Cryptographic software written by Eric A. Young and software written by Tim J. Hudson. Some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein. Software originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer. Software originally written by Robert Nordier, Copyright 1996-7 Robert Nordier. Software written by Douglas W. Sauder. Software developed by the Apache Software Foundation (http://www.apache.org/). A copy of the license agreement for this software can be found at www.apache.org/licenses/LICENSE-2.0.txt. International Components for Unicode ("ICU") Copyright 1995-2002 International Business Machines Corporation and others. Software developed by CrystalClear Software, Inc., Copyright 2000 CrystalClear Software, Inc. FEAD Optimizer technology, Copyright Netopsystems AG, Berlin, Germany. Outside In Viewer Technology 1992-2001 Stellent Chicago, Inc. and/or Outside In HTML Export, 2001 Stellent Chicago, Inc. Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, 1998, 1999, 2000. Software copyrighted by Expat maintainers. Software copyrighted by The Regents of the University of California, 1996, 1989, 1998-2000. Software copyrighted by Gunnar Ritter. Software copyrighted by Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A., 2003. Software copyrighted by Gisle Aas. 1995-2003. Software copyrighted by Michael A. Chase, 1999-2000. Software copyrighted by Neil Winton, 1995-1996. Software copyrighted by RSA Data Security, Inc., 1990-1992. Software copyrighted by Sean M. Burke, 1999, 2000. Software copyrighted by Martijn Koster, 1995. Software copyrighted by Brad Appleton, 1996-1999. Software copyrighted by Michael G. Schwern, 2001. Software copyrighted by Graham Barr, 1998. Software copyrighted by Larry Wall and Clark Cooper, 1998-2000. Software copyrighted by Frodo Looijaard, 1997. Software copyrighted by the Python Software Foundation, Copyright 2001, 2002, 2003. A copy of the license agreement for this software can be found at www.python.org. Software copyrighted by Beman Dawes, 1994-1999, 2002. Software written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G. Siek 1997-2000 University of Notre Dame. Software copyrighted by Simone Bordet & Marco Cravero, 2002. Software copyrighted by Stephen Purcell, 2001. Software developed by the Indiana University Extreme! Lab (http://www.extreme.indiana.edu/). Software copyrighted by International Business Machines Corporation and others, 1995-2003. Software developed by the University of California, Berkeley and its contributors. Software developed by Ralf S. Engelschall <rse@engelschall.com> for use in the mod_ssl project (http:// www.modssl.org/). Software copyrighted by Kevlin Henney, 2000-2002. Software copyrighted by Peter Dimov and Multi Media Ltd. 2001, 2002. Software copyrighted by David Abrahams, 2001, 2002. See http://www.boost.org/libs/bind/bind.html for documentation. Software copyrighted by Steve Cleary, Beman Dawes, Howard Hinnant & John Maddock, 2000. Software copyrighted by Boost.org, 1999-2002. Software copyrighted by Nicolai M. Josuttis, 1999. Software copyrighted by Jeremy Siek, 1999-2001. Software copyrighted by Daryle Walker, 2001. Software copyrighted by Chuck Allison and Jeremy Siek, 2001, 2002. Software copyrighted by Samuel Krempp, 2001. See http://www.boost.org for updates, documentation, and revision history. Software copyrighted by Doug Gregor (gregod@cs.rpi.edu), 2001, 2002. Software copyrighted by Cadenza New Zealand Ltd., 2000. Software copyrighted by Jens Maurer, 2000, 2001. Software copyrighted by Jaakko Jrvi (jaakko.jarvi@cs.utu.fi), 1999, 2000. Software copyrighted by Ronald Garcia, 2002. Software copyrighted by David Abrahams, Jeremy Siek, and Daryle Walker, 1999-2001. Software copyrighted by Stephen Cleary (shammah@voyager.net), 2000. Software copyrighted by Housemarque Oy <http://www.housemarque.com>, 2001. Software copyrighted by Paul Moore, 1999. Software copyrighted by Dr. John Maddock, 1998-2002. Software copyrighted by Greg Colvin and Beman Dawes, 1998, 1999. Software copyrighted by Peter Dimov, 2001, 2002. Software copyrighted by Jeremy Siek and John R. Bandela, 2001. Software copyrighted by Joerg Walter and Mathias Koch, 2000-2002. Software copyrighted by Carnegie Mellon University 1989, 1991, 1992. Software copyrighted by Cambridge Broadband Ltd., 2001-2003. Software copyrighted by Sparta, Inc., 2003-2004. Software copyrighted by Cisco, Inc. and Information Network Center of Beijing University of Posts and Telecommunications, 2004. Software copyrighted by Simon Josefsson, 2003. Software copyrighted by Thomas Jacob, 2003-2004. Software copyrighted by Advanced Software Engineering Limited, 2004. Software copyrighted by Todd C. Miller, 1998. Software copyrighted by The Regents of the University of California, 1990, 1993, with code derived from software contributed to Berkeley by Chris Torek.
Contents
Introducing LinuxShield
Product features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Whats new in this release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Getting product information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Contact information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5
5 6 6 7 7 8 9
System Requirements
11
Hardware and software requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11 Creating kernel modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Creating 2.4 kernel modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Creating 2.6 kernel modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Installing LinuxShield
Manual installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Silent installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Running LinuxShield . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Handling old certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Removing the software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Upgrading from previous LinuxShield versions . . . . . . . . . . . . . . . . . . . . . . . . . . . Integrating with ePolicy Orchestrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . PLDP Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
25
25 28 29 29 30 30 31 31
Contents
Introducing LinuxShield
LinuxShield detects and removes viruses and other potentially unwanted software on Linux-based systems. This section describes: Product features Whats new in this release Using this guide Getting product information Contact information
Product features
LinuxShield software has the following features: Support for AMD 64 / EM64T (64-bit) platforms. Kernel hooking modules (KHMs) Global File System (GFS) on Red Hat Enterprise Linux 5. Kernel module versioning which provides on-access scanning on new kernels without having to recompile modules. Incremental Virus Signature (DAT) updates. Scanning Comprehensive on-access anti-virus scanning and cleaning using the McAfee scanning engine. On-access scanning for local file systems, NFS and Samba. Kernel-level scan cache for improved performance. Scheduling of on-demand scans. Scheduling of updates for scanning engine and virus definition files. Administration Remote administration using browser-based interface.
Introducing LinuxShield
Whats new in this release
Monitoring and configuring of multiple LinuxShield installations from the browser interface. Secure browser interface with authentication and HTTPS (SSL) support. Remote administration and reporting using ePolicy Orchestrator. Reporting Real-time statistics. Detailed database for detected items and system events. Ability to query the database by date range or individual field values, for example, virus name. Results of query can be exported to a CSV file. Configurable email notification for detected items, out-of-date virus definition files, configuration changes, and system events. Diagnostic report for use when reporting a problem with the product.
Introducing LinuxShield
Using this guide
Installing LinuxShield Procedures to install the software manually and silently, instructions on how to remove the software from your computer and upgrade from a pre-release or previous version of the software.
Audience
This information is intended for network administrators who are responsible for their companys anti-virus and security program.
Conventions
This guide uses the following conventions:
Bold Condensed
All words from the interface, including options, menus, buttons, and dialog box names. Example: Type the User name and Password of the appropriate account. Courier The path of a folder or program; text that represents something the user types exactly (for example, a command at the system prompt). Examples: The default location for the program is: C:\Program Files\McAfee\EPO\3.5.0 Run this command on the client computer: scan --help Italic For emphasis or when introducing a new term; for names of product documentation and topics (headings) within the material. Example: Refer to the VirusScan Enterprise Product Guide for more information. Blue A web address (URL) and/or a live link. Example: Visit the McAfee web site at: http://www.mcafee.com <TERM> Angle brackets enclose a generic term. Example: In the console tree, right-click <SERVER>. Note: Supplemental information; for example, another method of executing the same command. Tip: Suggestions for best practices and recommendations from McAfee for threat prevention, performance and efficiency. Caution: Important advice to protect your computer system, enterprise, software installation, or data. Warning: Important advice to protect a user from bodily harm when using a hardware product.
Note
Tip
Caution
Warning
Introducing LinuxShield
Getting product information
Introducing LinuxShield
Contact information
Contact information
Threat Center: McAfee Avert Labs
http://www.mcafee.com/us/threat_center/default.asp Avert Labs Threat Library http://vil.nai.com Avert Labs WebImmune & Submit a Sample (Logon credentials required) https://www.webimmune.net/default.asp Avert Labs DAT Notification Service http://vil.nai.com/vil/signup_DAT_notification.aspx
Technical Support
http://www.mcafee.com/us/support/ KnowledgeBase Search http://knowledge.mcafee.com/ McAfee Technical Support ServicePortal (Logon credentials required) https://mysupport.mcafee.com/eservice_enu/start.swe
Customer Service
Web http://www.mcafee.com/us/support/index.html http://www.mcafee.com/us/about/contact/index.html Phone US, Canada, and Latin America toll-free: +1-888-VIRUS NO or +1-888-847-8766 Monday Friday, 8 a.m. 8 p.m., Central Time
Professional Services
Enterprise: http://www.mcafee.com/us/enterprise/services/index.html Small and Medium Business: http://www.mcafee.com/us/smb/services/index.html
Introducing LinuxShield
Contact information
10
System Requirements
Hardware and software
This section includes the following topics: Hardware and software requirements. Creating kernel modules on page 21.
11
System Requirements
Hardware and software requirements
Red Hat Enterprise 5.0 Server, Desktop SuSE Enterprise 8 Server United Linux 1.0 SuSE Linux Enterprise Server 9 SuSE Linux Enterprise Server/Desktop 10 Novell Open Enterprise Server 2 running SuSE Linux Enterprise Server 10 SP1 Supported operating systems for 64-bit platforms Red Hat Enterprise 4.0 Advanced Server, Workstation, Enterprise Server, Desktop Red Hat Enterprise 5.0 Advanced Platform, Desktop SuSE Linux Enterprise Server 9 SuSE Linux Enterprise Server/Desktop 10 Novell Open Enterprise Server 2 running SuSE Linux Enterprise Server 10 SP1 Supported browsers Internet Explorer 5.5, 6.0 and 7.0 Konqueror 3.5.1 Mozilla 0.9.9, 1.0.1, 1.2.1, 1.4, and 1.6 Firefox 1.0, 1.5, and 2.0 Supported ePolicy Orchestrator Server 3.6.1 or later Supported kernels The following kernel modules are provided in this release. If your kernel is not listed here, see About kernel support on page 20 and Creating kernel modules on page 21.
Table 2-1 Kernel modules supported on 32-bit platforms for Red Hat
Red Hat Enterprise 2.1 kernel-2.4.9-e.3 kernel-smp-2.4.9-e.3 kernel-enterprise-2.4.9-e.3 kernel-2.4.9-e.12 kernel-smp-2.4.9-e.12 kernel-2.4.9-e.38 kernel-smp-2.4.9-e.38 kernel-enterprise-2.4.9-e.38 kernel-2.4.9-e.40 kernel-smp-2.4.9-e.40 kernel-enterprise-2.4.9-e.40 Red Hat Enterprise 3.0 kernel-2.4.21-4.EL kernel-smp-2.4.21-4.EL kernel-hugemem-2.4.21-4.EL kernel-2.4.21-9.0.1.EL kernel-smp-2.4.21-9.0.1.EL kernel-hugemem-2.4.21-9.0.1.EL kernel-2.4.21-9.0.3.EL kernel-smp-2.4.21-9.0.3.EL kernel-hugemem-2.4.21-9.0.3.EL kernel-2.4.21-15.EL kernel-smp-2.4.21-15.EL kernel-hugemem-2.4.21-15.EL Red Hat Enterprise 4.0 kernel-2.6.9-5.EL kernel-smp-2.6.9-5.EL kernel-hugemem-2.6.9-5.EL kernel-2.6.9-11.EL kernel-smp-2.6.9-11.EL kernel-hugemem-2.6.9-11.EL kernel-2.6.9-22.EL kernel-smp-2.6.9-22.EL kernel-hugemem-2.6.9-22.EL kernel-2.6.9-22.0.1.EL kernel-smp-2.6.9-22.0.1.EL kernel-hugemem-2.6.9-22.0.1.EL Red Hat Enterprise 5.0 kernel-2.6.18-8.el5 kernel-2.6.18-8.el5PAE kernel-2.6.18-8.1.1.el5 kernel-2.6.18-8.1.1.el5PAE kernel-2.6.18-8.1.3.el5 kernel-2.6.18-8.1.3.el5PAE kernel-2.6.18-8.1.4.el5 kernel-2.6.18-8.1.4.el5PAE kernel-2.6.18-8.1.6.el5 kernel-2.6.18-8.1.6.el5PAE
12
System Requirements
Hardware and software requirements
Table 2-1 Kernel modules supported on 32-bit platforms for Red Hat (continued)
Red Hat Enterprise 2.1 kernel-2.4.9-e.41 kernel-smp-2.4.9-e.41 kernel-enterprise-2.4.9-e.41 kernel-2.4.9-e.43 kernel-smp-2.4.9-e.43 kernel-enterprise-2.4.9-e.43 kernel-2.4.9-e.48 kernel-smp-2.4.9-e.48 kernel-enterprise-2.4.9-e.48 Red Hat Enterprise 3.0 kernel-2.4.21-15.0.2.EL kernel-smp-2.4.21-15.0.2.EL kernel-hugemem-2.4.21-15.0.2.EL kernel-2.4.21-15.0.3.EL kernel-smp-2.4.21-15.0.3.EL kernel-hugemem-2.4.21-15.0.3.EL kernel-2.4.21-15.0.4.EL kernel-smp-2.4.21-15.0.4.EL kernel-hugemem-2.4.21-15.0.4.EL Red Hat Enterprise 4.0 kernel-2.6.9-22.0.2.EL kernel-smp-2.6.9-22.0.2.EL kernel-hugemem-2.6.9-22.0.2.EL kernel-2.6.9-34.EL kernel-smp-2.6.9-34.EL kernel-hugemem-2.6.9-34.EL kernel-2.6.9-34.0.1.EL Red Hat Enterprise 5.0 kernel-2.6.18-8.1.8.el5 kernel-2.6.18-8.1.8.el5PAE
13
System Requirements
Hardware and software requirements
Table 2-1 Kernel modules supported on 32-bit platforms for Red Hat (continued)
Red Hat Enterprise 2.1 kernel-2.4.9-e.49 kernel-smp-2.4.9-e.49 kernel-enterprise-2.4.9-e.49 kernel-2.4.9-e.62 kernel-smp-2.4.9-e.62 kernel-enterprise-2.4.9-e.62 kernel-2.4.9-e.65 kernel-smp-2.4.9-e.65 kernel-enterprise-2.4.9-e.65 Red Hat Enterprise 3.0 kernel-2.4.21-20.EL kernel-smp-2.4.21-20.EL kernel-hugemem-2.4.21-20.EL kernel-2.4.21-20.0.1.EL kernel-smp-2.4.21-20.0.1.EL kernel-hugemem-2.4.21-20.0.1.EL kernel-2.4.21-27.EL kernel-smp-2.4.21-27.EL kernel-hugemem-2.4.21-27.EL Red Hat Enterprise 4.0 kernel-smp-2.6.9-34.0.1.EL kernel-hugemem-2.6.9-34.0.1.EL kernel-2.6.9-34.0.2.EL kernel-smp-2.6.9-34.0.2.EL kernel-hugemem-2.6.9-34.0.2.EL kernel-2.6.9-42.EL kernel-smp-2.6.9-42.EL Red Hat Enterprise 5.0 kernel-2.6.18-8.el5 kernel-2.6.18-8.el5PAE kernel-2.6.18-8.el5xen kernel-2.6.18-8.1.1.el5 kernel-2.6.18-8.1.1.el5PAE kernel-2.6.18-8.1.1.el5xen
14
System Requirements
Hardware and software requirements
Table 2-1 Kernel modules supported on 32-bit platforms for Red Hat (continued)
Red Hat Enterprise 2.1 kernel-2.4.9-e.68 kernel-smp-2.4.9-e.68 kernel-enterprise-2.4.9-e.68 kernel-2.4.9-e.70 kernel-smp-2.4.9-e.70 kernel-enterprise-2.4.9-e.70 kernel-2.4.9-e.71 kernel-smp-2.4.9-e.71 kernel-enterprise-2.4.9-e.71 kernel-2.4.9-e.72 kernel-smp-2.4.9-e.72 kernel-enterprise-2.4.9-e.72 Red Hat Enterprise 3.0 kernel-2.4.21-27.0.1.EL kernel-smp-2.4.21-27.0.1.EL kernel-hugemem-2.4.21-27.0.1.EL kernel-2.4.21-27.0.2.EL kernel-smp-2.4.21-27.0.2.EL kernel-hugemem-2.4.21-27.0.2.EL kernel-2.4.21-32.0.1.EL kernel-smp-2.4.21-32.0.1.EL kernel-hugemem-2.4.21-32.0.1.EL kernel-2.4.21-37.EL kernel-smp-2.4.21-37.EL kernel-hugemem-2.4.21-37.EL kernel-2.4.21-40.EL kernel-smp-2.4.21-40.EL kernel-hugemem-2.4.21-40.EL kernel-2.4.21-47.EL kernel-smp-2.4.21-47.EL kernel-hugemem-2.4.21-47.EL kernel-2.4.21-47.0.1.EL kernel-smp-2.4.21-47.0.1.EL kernel-hugemem-2.4.21-47.0.1.EL kernel-2.4.21-50.EL kernel-smp-2.4.21-50.EL kernel-hugemem-2.4.21-50.EL kernel-2.4.21-51.EL kernel-smp-2.4.21-51.EL kernel-hugemem-2.4.21-51.EL kernel-2.4.21-52.EL kernel-smp-2.4.21-52.EL kernel-hugemem-2.4.21-52.EL kernel-2.4.21-53.EL kernel-smp-2.4.21-53.EL kernel-hugemem-2.4.21-53.EL Red Hat Enterprise 4.0 kernel-hugemem-2.6.9-42.EL kernel-2.6.9-42.0.2.EL kernel-smp-2.6.9-42.0.2.EL kernel-hugemem-2.6.9-42.0.2.EL kernel-2.6.9-42.0.3.EL kernel-smp-2.6.9-42.0.3.EL kernel-hugemem-2.6.9-42.0.3.EL kernel-2.6.9-42.0.8.EL kernel-smp-2.6.9-42.0.8.EL kernel-hugemem-2.6.9-42.0.8.EL kernel-2.6.9-42.0.10.EL kernel-smp-2.6.9-42.0.10.EL kernel-hugemem-2.6.9-42.0.10.EL kernel-2.6.9-55.EL kernel-smp-2.6.9-55.EL kernel-hugemem-2.6.9-55.EL kernel-2.6.9-55.0.2.EL kernel-smp-2.6.9-55.0.2.EL kernel-hugemem-2.6.9-55.0.2.EL kernel-2.6.9-55.0.6.EL kernel-smp-2.6.9-55.0.6.EL kernel-hugemem-2.6.9-55.0.6.EL kernel-2.6.9-55.0.9.EL kernel-smp-2.6.9-55.0.9.EL kernel-hugemem-2.6.9-55.0.9.EL kernel-2.6.9-67.EL kernel-smp-2.6.9-67.EL kernel-hugemem-2.6.9-67.EL kernel-2.6.9-67.0.4.EL kernel-smp-2.6.9-67.0.4.EL kernel-hugemem-2.6.9-67.0.4.EL kernel-2.6.9-67.0.7.EL kernel-smp-2.6.9-67.0.7.EL kernel-hugemem-2.6.9-67.0.7.EL kernel-2.6.9-67.0.15.EL kernel-smp-2.6.9-67.0.15.EL kernel-hugemem-2.6.9-67.0.15.EL Red Hat Enterprise 5.0 kernel-2.6.18-8.1.3.el5 kernel-2.6.18-8.1.3.el5PAE kernel-2.6.18-8.1.3.el5xen kernel-2.6.18-8.1.4.el5 kernel-2.6.18-8.1.4.el5PAE kernel-2.6.18-8.1.4.el5xen kernel-2.6.18-8.1.6.el5 kernel-2.6.18-8.1.6.el5PAE kernel-2.6.18-8.1.6.el5xen kernel-2.6.18-8.1.8.el5 kernel-2.6.18-8.1.8.el5PAE kernel-2.6.18-8.1.8.el5xen kernel-2.6.18-8.1.10.el5 kernel-2.6.18-8.1.10.el5PAE kernel-2.6.18-8.1.10.el5xen kernel-2.6.18-8.1.14.el5 kernel-2.6.18-8.1.14.el5PAE kernel-2.6.18-8.1.14.el5xen kernel-2.6.18-8.1.15.el5 kernel-2.6.18-8.1.15.el5PAE kernel-2.6.18-8.1.15.el5xen kernel-2.6.18-53.el5 kernel-2.6.18-53.el5PAE kernel-2.6.18-53.el5xen kernel-2.6.18-53.1.4.el5 kernel-2.6.18-53.1.4.el5PAE kernel-2.6.18-53.1.4.el5xen kernel-2.6.18-53.1.6.el5 kernel-2.6.18-53.1.6.el5PAE kernel-2.6.18-53.1.6.el5xen kernel-2.6.18-53.1.13.el5 kernel-2.6.18-53.1.13.el5PAE kernel-2.6.18-53.1.13.el5xen kernel-2.6.18-53.1.14.el5 kernel-2.6.18-53.1.14.el5PAE kernel-2.6.18-53.1.14.el5xen kernel-2.6.18-53.1.19.el5 kernel-2.6.18-53.1.19.el5PAE kernel-2.6.18-53.1.19.el5xen
15
System Requirements
Hardware and software requirements
k_smp-2.4.19-113 k_deflt-2.4.19-120 k_deflt-2.4.21-198 k_smp-2.4.21-198 k_deflt-2.4.21-203 k_smp-2.4.21-203 k_deflt-2.4.21-215 k_smp-2.4.21-215 k_deflt-2.4.21-226 k_smp-2.4.21-226 k_deflt-2.4.21-231
16
System Requirements
Hardware and software requirements
Table 2-2 Kernel modules supported on 32-bit platforms for SuSE (continued)
SuSE Enterprise 8 SuSE Enterprise 9.0 /Novell Linux Desktop 9.0 kernel-bigsmp-2.6.5-7.202. 7 kernel-default-2.6.5-7.244 kernel-smp-2.6.5-7.244 kernel-bigsmp-2.6.5-7.244 kernel-default-2.6.5-7.252 kernel-smp-2.6.5-7.252 kernel-bigsmp-2.6.5-7.252 k_smp-2.4.21-295 k_deflt-2.4.21-304 k_smp-2.4.21-304 k_deflt-2.4.21-306 k_smp-2.4.21-306 k_deflt-2.4.21-309 k_smp-2.4.21-309 k_deflt-2.4.21-314 k_smp-2.4.21-314 kernel-default-2.6.5-7.257 kernel-smp-2.6.5-7.257 kernel-bigsmp-2.6.5-7.257 kernel-default-2.6.5-7.267 kernel-smp-2.6.5-7.267 kernel-bigsmp-2.6.5-7.267 kernel-default-2.6.5-7.276 kernel-smp-2.6.5-7.276 kernel-bigsmp-2.6.5-7.276 kernel-default-2.6.5-7.282 kernel-smp-2.6.5-7.282 kernel-bigsmp-2.6.5-7.282 kernel-default-2.6.5-7.283 kernel-smp-2.6.5-7.283 kernel-bigsmp-2.6.5-7.283 kernel-default-2.6.5-7.286 kernel-smp-2.6.5-7.286 kernel-bigsmp-2.6.5-7.286 kernel-default-2.6.5-7.287.3 kernel-smp-2.6.5-7.287.3 kernel-bigsmp-2.6.5-7.287. 3 kernel-default-2.6.5-7.308 kernel-smp-2.6.5-7.308 kernel-bigsmp-2.6.5-7.308 kernel-default-2.6.5-7.311 kernel-smp-2.6.5-7.311 kernel-bigsmp-2.6.5-7.311 kernel-default-2.6.16-54.2.3 kernel-smp-2.6.16-54.2.3 kernel-bigsmp-2.6.16-54.2.3 kernel-default-2.6.16.60-0.9 kernel-smp-2.6.16.60-0.9 kernel-bigsmp-2.6.16.60-0.9 kernel-default-2.6.16-54.2.3 kernel-smp-2.6.16-54.2.3 kernel-bigsmp-2.6.16-54.2.3 kernel-xen-2.6.16-54.2.3 kernel-xenpae-2.6.16-54.2.3 kernel-default-2.6.16.60-0.9 kernel-smp-2.6.16.60-0.9 kernel-bigsmp-2.6.16.60-0.9 kernel-xen-2.6.16.60-0.9 kernel-xenpae-2.6.16.60-0.9 kernel-default-2.6.16-53.0.16 kernel-smp-2.6.16-53.0.16 kernel-bigsmp-2.6.16-53.0.16 kernel-default-2.6.16-53.0.16 kernel-smp-2.6.16-53.0.16 kernel-bigsmp-2.6.16-53.0.16 kernel-xen-2.6.16-53.0.16 kernel-xenpae-2.6.16-53.0.16 SuSE Enterprise Desktop 10 kernel-default-2.6.16-53.0.8 kernel-smp-2.6.16-53.0.8 kernel-bigsmp-2.6.16-53.0.8 SuSE Enterprise Server 10 kernel-default-2.6.16-53.0.8 kernel-smp-2.6.16-53.0.8 kernel-bigsmp-2.6.16-53.0.8 kernel-xen-2.6.16-53.0.8 kernel-xenpae-2.6.16-53.0.8
17
System Requirements
Hardware and software requirements
Table 2-3 Kernel modules supported on 64-bit platforms for Red Hat
Red Hat Enterprise 4.0 kernel-2.6.9-5.EL kernel-smp-2.6.9-5.EL kernel-2.6.9-11.EL kernel-smp-2.6.9-11EL kernel-2.6.9-22.EL kernel-smp-2.6.9-22.EL kernel-2.6.9-22.0.1EL kernel-smp-2.6.9-22.0.1EL kernel-2.6.9-22.0.2.EL kernel-smp-2.6.9-22.0.2EL kernel-2.6.9-34.EL kernel-smp-2.6.9-34.EL kernel-2.6.9-34.0.1.EL kernel-smp-2.6.9-34.0.1.EL kernel-2.6.9-34.0.2.EL kernel-smp-2.6.9-34.0.2.EL kernel-2.6.9-42.EL Red Hat Enterprise 5.0 kernel-2.6.18-8.el5 kernel-2.6.18-8.1.1.el5 kernel-2.6.18-8.1.3.el5 kernel-2.6.18-8.1.4.el5 kernel-2.6.18-8.1.6.el5 kernel-2.6.18-8.1.8.el5 kernel-2.6.18-8.1.10.el5 kernel-2.6.18-8.1.10.el5xen kernel-2.6.18-8.1.14.el5 kernel-2.6.18-8.1.14.el5xen kernel-2.6.18-8.1.15.el5 kernel-2.6.18-8.1.15.el5xen kernel-2.6.18-53.el5 kernel-2.6.18-53.el5xen kernel-2.6.18-53.1.4.el5 kernel-2.6.18-53.1.4.el5xen
18
System Requirements
Hardware and software requirements
Table 2-3 Kernel modules supported on 64-bit platforms for Red Hat (continued)
Red Hat Enterprise 4.0 kernel-smp-2.6.9-42.EL kernel-2.6.9-42.0.2.EL kernel-smp-2.6.9-42.0.2.EL kernel-2.6.9-42.0.3.EL kernel-smp-2.6.9-42.0.3.EL kernel-2.6.9-42.0.8.EL Red Hat Enterprise 5.0 kernel-2.6.18-53.1.6.el5 kernel-2.6.18-53.1.6.el5PAE kernel-2.6.18-53.1.6.el5xen kernel-2.6.18-53.1.13.el5 kernel-2.6.18-53.1.13.el5PAE kernel-2.6.18-53.1.13.el5xen
kernel-smp-2.6.9-42.0.8.EL kernel-2.6.9-42.0.10.EL kernel-smp-2.6.9-42.0.10.EL kernel-2.6.9-55.EL kernel-smp-2.6.9-55.EL kernel-2.6.9-55.0.2.EL kernel-smp-2.6.9-55.0.2.EL kernel-2.6.9-55.0.6.EL kernel-smp-2.6.9-55.0.6.EL kernel-2.6.9-55.0.9.EL kernel-smp-2.6.9-55.0.9.EL kernel-2.6.9-67.EL kernel-smp-2.6.9-67.EL kernel-2.6.9-67.0.4.EL kernel-smp-2.6.9-67.0.4.EL kernel-hugemem-2.6.9-67.0.4.EL kernel-2.6.9-67.0.7.EL kernel-smp-2.6.9-67.0.7.EL kernel-hugemem-2.6.9-67.0.7.EL kernel-2.6.9-67.0.15.EL kernel-smp-2.6.9-67.0.15.EL kernel-hugemem-2.6.9-67.0.15.EL
19
System Requirements
Hardware and software requirements
Table 2-4 Kernel modules supported on 64-bit platforms for SuSE (continued)
SuSE Enterprise 9 kernel-default-2.6.5-7.193 kernel-smp-2.6.5-7.193 kernel-default-2.6.5-7.201 kernel-smp-2.6.5-7.201 kernel-default-2.6.5-7.202.7 SuSE Enterprise Desktop 10 kernel-default-2.6.16-27.0.6 kernel-smp-2.6.16-27.0.6 kernel-default-2.6.16-27.0.9 kernel-smp-2.6.16-27.0.9 SuSE Enterprise Server 10 kernel-default-2.6.16-27.0.6 kernel-smp-2.6.16-27.0.6 kernel-xen-2.6.16-27.0.6 kernel-default-2.6.16-27.0.9 kernel-smp-2.6.16-27.0.9 kernel-xen-2.6.16-27.0.9 kernel-smp-2.6.5-7.202.7 kernel-default-2.6.5-7.244 kernel-smp-2.6.5-7.244 kernel-default-2.6.5-7.252 kernel-smp-2.6.5-7.252 kernel-default-2.6.5-7.257 kernel-smp-2.6.5-7.257 kernel-default-2.6.5-7.267 kernel-smp-2.6.5-7.267 kernel-default-2.6.5-7.276 kernel-smp-2.6.5-7.276 kernel-default-2.6.5-7.282 kernel-smp-2.6.5-7.282 kernel-default-2.6.5-7.283 kernel-smp-2.6.5-7.283 kernel-default-2.6.5-7.286 kernel-smp-2.6.5-7.286 kernel-default-2.6.5-7.287.3 kernel-smp-2.6.5-7.287.3 kernel-default-2.6.5-7.308 kernel-smp-2.6.5-7.308 kernel-default-2.6.5-7.311 kernel-smp-2.6.5-7.311 kernel-default-2.6.16-54.2.3 kernel-smp-2.6.16-54.2.3 kernel-default-2.6.16-60-0.9 kernel-smp-2.6.16-60-0.9 kernel-default-2.6.16-54.2.3 kernel-smp-2.6.16-54.2.3 kernel-xen-2.6.16-54.2.3 kernel-default-2.6.16-60-0.9 kernel-smp-2.6.16-60-0.9 kernel-xen-2.6.16-60-0.9 kernel-default-2.6.16-53.0.8 kernel-smp-2.6.16-53.0.8 kernel-default-2.6.16-53.0.16 kernel-smp-2.6.16-53.0.16 kernel-default-2.6.16-53.0.8 kernel-smp-2.6.16-53.0.8 kernel-xen-2.6.16-53.0.8 kernel-default-2.6.16-53.0.16 kernel-smp-2.6.16-53.0.16 kernel-xen-2.6.16-53.0.16 kernel-default-2.6.16-46.0.12 kernel-smp-2.6.16-46.0.12 kernel-default-2.6.16-46.0.14 kernel-smp-2.6.16-46.0.14 kernel-default-2.6.16-46.0.12 kernel-smp-2.6.16-46.0.12 kernel-xen-2.6.16-46.0.12 kernel-default-2.6.16-46.0.14 kernel-smp-2.6.16-46.0.14 kernel-xen-2.6.16-46.0.14
About kernel support The LinuxShield installation includes on-access kernel modules for the versions of Red Hat and SuSE that we support. See the tables in Supported kernels on page 12 to get the full list of kernels. We provide these modules for the original kernel versions that are shipped with the distribution, and for the latest official kernel updates provided by Red Hat and SuSE at the time of this release. Our updates for their later kernels will be available from http://mysupport.nai.com. Source code for the kernel modules is also available on your product CD, or from our product download site. (See Contact information on page 9.) The availability of this source code allows you to respond to security patches as quickly as your specific environment and company policy dictates. However, we are unable to provide support for customized kernel modules because we cannot test them or reproduce specific issues.
20
System Requirements
Creating kernel modules
To build a LinuxShield kernel module from source, you need the source for your kernel. Most vendor-supplied kernels include a kernel source package, that usually installs the source into /usr/src/linux-<kernel version>. If you are not familiar with building the Linux kernel, we recommend that you refer to tutorials available on the Internet. Alternatively, follow the procedure in Creating 2.4 kernel modules or Creating 2.6 kernel modules.
2 Configure the kernel source. You need the configuration file that was used to compile your kernel. If you are using a vendor-supplied kernel, the /boot directory normally contains a copy of the configuration file, which has a config prefix or a .config extension. 3 Copy the configuration file to the file .config in the top-level directory of your kernel source tree, and run make oldconfig, as in these commands:
cp <kernel config file> .config make oldconfig
If a message prompts you for any configuration items, your configuration file is incomplete, and you need to ask the supplier about the correct answers. 4 Check the version information in the top-level kernel Makefile. In particular, check that EXTRAVERSION is set appropriately. Sometimes the version information is set to a custom value in vendor-supplied source. The definition for KERNELRELEASE when expanded should match the contents of /proc/sys/kernel/osrelease assuming that you are building modules for the kernel that is currently running. The standard definition for KERNELRELEASE is:
KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)$(EXTRAVERSION)
5 Generate some dependency information and header files. Type the following command:
make dep
This step creates generated files that are necessary for module compilation.
21
System Requirements
Creating kernel modules
As a minimum, you can build the generated configuration header files using make include/config/MARKER, but this might not work for all kernel versions and configurations.
You are now ready to build the LinuxShield kernel modules. The Makefile provided to build the LinuxShield modules requires 3.80 or later of GNU Make. Check your version of make by using make --version. If you have version 3.79 or earlier, you need to upgrade.
Note
7 Unpack the source files into an empty directory, and use the kernel build system to build the modules:
cd <LinuxShield source directory> make -C <kernel source dir> SUBDIRS=`pwd` modules
If there are no errors, you have two kernel modules lshook.o and linuxshield.o. 8 Copy the modules into your LinuxShield module directory (called /opt/NAI/LinuxShield/lib/modules by default). The modules in this directory are prefixed with the kernel version for which they were compiled. For example, if /proc/sys/kernel/osrelease contains 2.4.21-xyz, the modules are named 2.4.21-xyz-lshook.o and 2.4.21-xyz-linuxshield.o. If you have multiple kernels that cannot be distinguished by the contents of
/proc/sys/kernel/osrelease (the same as the output of uname -r), you need to
use the file kernel.version in the same directory. This file can contain multiple lines. Each has the form:
<prefix>:<build version>
Here <prefix> is a unique string derived from the kernel version. Given a version of 2.4.nn<extra>, the prefix is 2.4.nn<unique tag><extra>, where the unique tag does not contain : for example:
2.4.21-ls-xyz:#1 SMP Sun May 16 12:27:32 UTC 2004
Here <build version> is the contents of /proc/sys/kernel/version (or the output of uname -v) when the matching kernel is running. During LinuxShield startup, if kernel modules are identified as matching the running kernel, symbolic links are created in the directory /lib/modules/`uname -r`/nai. The targets of these links can determine which module files have been loaded.
2 Configure the kernel source. You need the configuration file that was used to compile your kernel.
22
System Requirements
Creating kernel modules
Note
If you are using a vendor-supplied kernel, the /boot directory normally contains a copy of the configuration file, which has a config- prefix or a .config extension.
3 Copy the configuration file to the file .config in the top-level directory of your kernel source tree, and run make oldconfig:
cp <kernel config file> .config make oldconfig
If asked for any configuration items, your configuration file is incomplete, and you need to ask the supplier about the correct answers. 4 Check the version information in the top-level kernel Makefile. In particular, check that EXTRAVERSION is set appropriately. Sometimes the version information is set to a custom value in vendor-supplied source. The definition for KERNELRELEASE when expanded should match the contents of /proc/sys/kernel/osrelease assuming that you are building modules for the kernel that is currently running. The standard definition for KERNELRELEASE is:
KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)$(EXTRAVERSION)
This step creates generated files that are necessary for module compilation.
You are now ready to build the LinuxShield kernel modules. The Makefile provided to build the LinuxShield modules requires 3.80 or later of GNU Make. Check your version of make by using make --version. If you have version 3.79 or earlier, you need to upgrade.
Note
6 Unpack the source files into an empty directory, and use the kernel build system to build the modules:
cd <LinuxShield source directory> make -C <kernel source dir> SUBDIRS=`pwd` modules
If there are no errors, you have two kernel modules lshook.ko and linuxshield.ko. 7 Copy these modules into your LinuxShield module directory (called /opt/NAI/LinuxShield/lib/modules by default).
The modules in this directory are prefixed with the kernel version for which they were compiled. For example, if /proc/sys/kernel/osrelease contains 2.6.9-xyz, the modules will be named 2.6.9-xyz-lshook.ko and 2.6.9-xyz-linuxshield.ko.
Note
use the file kernel.version in the same directory. This file can contain multiple lines, each having the form:
<prefix>:<build version>
23
System Requirements
Creating kernel modules
Here <prefix> is a unique string that is derived from the kernel version. Given a version of 2.6.nn<extra>, the prefix is 2.6.nn<unique tag><extra>, where the unique tag does not contain :, for example:
2.6.9-ls-xyz:#1 SMP Sun May 16 12:27:32 UTC2004
Here <build version> is the contents of /proc/sys/kernel/version (or the output of uname -v) when the matching kernel is running. During LinuxShield startup, if kernel modules are identified as matching the running kernel, symbolic links are created in the directory /lib/modules/`uname -r`/nai. The targets of these links can determine which module files have been loaded. 8 Rename the modules to have .o extension instead of .ko extension.
24
Installing LinuxShield
Installing, upgrading and removing the software
You can install LinuxShield manually on hosts (see Manual installation on page 25) or you can use a script (see Silent installation on page 28). The following topics are included: Running LinuxShield on page 29. Removing the software on page 30. Integrating with ePolicy Orchestrator on page 31. Related topics Upgrading from previous LinuxShield versions on page 30.
Manual installation
During installation, you are prompted to supply a password and other information. For most of the questions, you can accept the default value that is offered. To set up email notification for alerts if it is required, you need an MTA (Mail Transfer Agent) configured, and the following information: Email address of the LinuxShield administrator. Address for the SMTP host. TCP/IP port number for the SMTP host. To install McAfee Runtime: 1 Download the MFErt.i686.rpm file. 2 At the command prompt, type:
rpm -ivh MFErt.i686.rpm
To install McAfee Agent (MA): 3 Download the MFEcma.i686.rpm file. 4 At the command prompt, type:
rpm -ivh MFEcma.i686.rpm
25
Installing LinuxShield
Manual installation
5 Answer the questions when prompted. These include whether installing CMA in managed or unmanaged mode.
For more information on deploying LinuxShield in managed mode, refer the LinuxShield Configuration guide.
Note
To install LinuxShield:
Before installing LinuxShield, you must have McAfee Runtime and McAfee Agent already installed on the computer. See Installing McAfee Runtime and Installing McAfee Agent.
Note
where <version> is a version number such as 108, and <arch> is i386 for 32-bit platforms and x86-64 for 64-bit platforms. 9 Answer the questions when prompted. Accept the default values, or type your own. 10 When prompted to start the LinuxShield services, select the default option, y. 11 To confirm that the system is running correctly, type:
/etc/init.d/nails status
To install LinuxShield 1.5.1 on Novel Open Enterprise Server 1 or 2 1 Remove LinuxShield (if installed) using the command:
rpm -e LinuxShield
2 From the Novell eDirectory server use iManager and create a user called nails and a group called nailsgroup. 3 Add the user nails a member of the nailsgroup. Enable the user and group using the Linux User Management. 4 Provide nails user with administrative privileges on all the NSS volumes.
rights -f /media/nss/<VOL-name> -r s trustee nails.<context>.<tree>
Tip
You need to provide administrative privileges to the nails user, every time a new NSS volume is created.
5 Download the MFErt.i686.rpm and MFEcma.i686.rpm file. 6 Install McAfee Runtime and McAfee Agent using the commands:
rpm -ivh MFErt.i686.rpm rpm -ivh MFEcma.i686.rpm
Answer the questions when prompted. These include the IP address of the ePolicy Orchestrator server, and port number for the agent-to-server connection.
26
Installing LinuxShield
Manual installation
8 Type nailsgroup for the Linux group for LinuxShield administrator. 9 Type nails for the LinuxShield user. 10 Answer the questions when prompted. Accept the default values, or type your own. 11 When prompted to start the LinuxShield services, select the default option, y.
27
Installing LinuxShield
Silent installation
Silent installation
Note
Before installing LinuxShield, you must have McAfee Runtime and McAfee Agent already installed on the computer. See Installing McAfee Runtime and Installing McAfee Agent.
1 Create the file nails.options in the root home directory. For example:
SILENT_ACCEPTED_EULA=yes SILENT_INSTALLDIR=/opt/NAI/LinuxShield SILENT_RUNTIMEDIR=/var/opt/NAI/LinuxShield SILENT_ADMIN=admin@example.com SILENT_HTTPHOST=192.168.255.200 SILENT_HTTPPORT=55443 SILENT_MONITORPORT=65443 SILENT_SMTPHOST=example.example.com. SILENT_SMTPPORT=25 SILENT_NAILS_USER=nails SILENT_NAILS_GROUP=nailsgroup SILENT_CREATE_USER=no SILENT_CREATE_GROUP=no SILENT_RUN_WITH_MONITOR=yes SILENT_QUARANTINEDIR=/quarantine SILENT_START_PROCESSES=yes SILENT_CONTINUE_INSTALL_ON_PAM_ERROR=no Use SILENT_CONTINUE_INSTALL_ON_PAM_ERROR only when 32-bit PAM libraries are not present. If you set this flag to yes and continue without Pluggable Authentication Module (PAM) libraries, the installation of LinuxShield monitor component is skipped, and the web interface will not be available. However, you can still manage the LinuxShield host using ePolicy Orchestrator or the web interface of some other LinuxShield host. See information about configuring LinuxShield in the Product Guide.
Note
Note
28
Installing LinuxShield
Running LinuxShield
where <version> is a version number such as 108, and <arch> is i386 for 32-bit platforms and x86-64 for 64-bit platforms. 4 After performing the installation, use the command passwd to assign a password to the user, nails. To manage several hosts from one browser location, each host must have the same user name and password. To install LinuxShield 1.5.1 on Novel Open Enterprise Server 1 or 2 in Silent Mode: 1 From the Novell eDirectory server use iManager and create a user called nails and a group called nailsgroup. 2 Add the user nails a member of the nailsgroup. Enable the user and group using the Linux User Management. 3 Provide nails user with administrative privileges on all the NSS volumes. 4 In nails.options file, check if the following parameters are:
SILENT_NAILS_USER=nails SILENT_NAILS_GROUP=nailsgroup
Running LinuxShield
1 To open the LinuxShield browser interface, use a supported browser:
https://<hostname>:<port number>
where <hostname> is the name of the host on which LinuxShield is installed. By default, the port number is 55443. 2 On the logon page, type the user name, nails and enter the password that you specified during installation. 3 If you see messages caused by the use of certificates, see Handling old certificates.
29
Installing LinuxShield
Removing the software
2 At Settings, select Configure Konqueror. 3 At the new window, click the icon on the left side, called Crypto. 4 On the right pane, click the Peer SSL Certificate tab to display every certificate that you have saved. 5 Select and remove the Network Associates certificate. When you log on again, you are prompted with the new certificate. Mozilla 1 Open Mozilla. 2 Select Edit | Preferences. 3 Expand Privacy & Security. 4 Select Certificate on the left side, and click Manage Certificates from the right pane. 5 On the new window, select the Authority tab and scroll to find Network Associates. 6 Expand this, and find the certificate displaying the IP address of the host or the host name. Select the certificate and delete it. These steps should remove the certificate, and allow you to import the new certificate associated with the host. Internet Explorer Microsoft Internet Explorer does not save the certificate, but it will prompt you to accept the certificate every time that you log on.
Note
Note
30
Installing LinuxShield
Integrating with ePolicy Orchestrator
Answer the questions when prompted. These include the IP address of the ePolicy Orchestrator server, and port number for the agent-to-server connection. 3 At the command prompt, type:
rpm -U LinuxShield-1.5.1-<version>.<arch>.rpm
where <version> is a version number such as 108, and <arch> is i386 for 32-bit platforms and x86-64 for 64-bit platforms. 4 To confirm that the system is running, type:
/etc/init.d/nails status
ePolicy Orchestrator 4.0 The following extensions need to be added to the ePolicy Orchestrator server:
LYNXSHLD1510.ZIP LYNXSHLD1510PARSER.ZIP See the LinuxShield Configuration Guide and ePolicy Orchestrator Product Guide for details.
Note
PLDP Process
PLDP is a Novell Partner Linux Driver process which allows automatic updates of LinuxShield Kernel Hooking modules when kernel updates happens. This process is supported on SLES 9 kernel 2.6.5-7.282 and above.
31
Installing LinuxShield
PLDP Process
Note
1 Install LinuxShield. 2 Install McAfee-LinuxShield rpm from /opt/NAI/package/LinuxShield directory. When kernel update occurs, the McAfee-LinuxShield rpm automatically upgrades to the latest version available at the download site: http://forgeftp.novell.com/driver-process/pub/update/mcafee/sle9/common/
Install the kernel-update-tool and update to yast2-packagemanager version 2.9.70-0.3 or above.
Note
Note
32