Unisar 1.24.1867 Scanning mechanism, More in the manual


Chapter 3. The scanning mechanism

The central part of BitDefender Antivirus Scanner for Unices consists of the BitDefender architecture-independent scanning engines. These are specialized data analysis routines and malware signature definitions, since many viruses can be identified by a distinctive code pattern. At the time of this writing, the BitDefender Antivirus engine database includes over 250000 different malware signatures, and the number increases constantly, every few hours.

To identify unknown viruses, the engines can perform heuristic analysis, searching for several features that characterize viruses.

The objects to be scanned can be directories or regular files, provided as command line parameters. After the object is eventually deployed in a temporary file, the engines are asked to start the scanning process.

Using the powerful engines, the object is unpacked, if needed, and scanned. The scanning result is sent back to bdscan, which then notifies the user and tries to apply the desired action. The action, selected with the --action command line option, can be one of the following.

Disinfect. BitDefender will try to disinfect the object, by removing the infected or suspected part. The action can fail sometimes.

Quarantine. The object will be moved from its original location to a secured directory, the quarantine.

Delete. The object will be simply removed from the filesystem.

Ignore. Even if infected objects are found, BitDefender will just report them and no action will be performed.

By default, bdscan will scan inside archives, inside mailboxes and inside packed programs. If this behavior is not desirable, there are command line options to disable each of them selectively: --no-archive, --no-mail and --no-pack, respectively.

If the scanning path is a directory, bdscan will descend recursively into sub-directories and scan the files found. The recursion depth can be specified on the command line, or recursion can be disabled entirely.
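
The flow described in this chapter (signature matching, an action applied to each infected object, depth-limited recursion) can be sketched as follows. This is an added example, not BitDefender code: the signature pattern, the function names and the max_depth and quarantine_dir parameters are all assumptions, and the toy does no unpacking and no heuristic analysis.

```python
import os
import shutil

# Constructed toy signature database (name -> byte pattern); not real malware data.
SIGNATURES = {"Toy.TestPattern.A": b"\xde\xad\xbe\xefTOY-SIGNATURE"}
ACTIONS = ("disinfect", "quarantine", "delete", "ignore")


def match_signature(data):
    """Return the name of the first signature found in data, or None."""
    for name, pattern in SIGNATURES.items():
        if pattern in data:
            return name
    return None


def apply_action(path, name, action, quarantine_dir):
    """Apply the action to an infected file and return the action taken."""
    if action == "disinfect":
        with open(path, "rb") as fh:
            data = fh.read()
        with open(path, "wb") as fh:
            fh.write(data.replace(SIGNATURES[name], b""))  # cut out the matched part
    elif action == "quarantine":
        os.makedirs(quarantine_dir, mode=0o700, exist_ok=True)
        shutil.move(path, os.path.join(quarantine_dir, os.path.basename(path)))
    elif action == "delete":
        os.remove(path)
    return action  # "ignore" only reports


def scan(root, action="ignore", max_depth=None, quarantine_dir="quarantine"):
    """Scan a file or directory tree; return [(path, signature, action), ...]."""
    if action not in ACTIONS:
        raise ValueError("unknown action: %r" % action)
    root = os.path.normpath(root)
    targets = [root] if os.path.isfile(root) else []
    base = root.count(os.sep)
    for dirpath, dirnames, filenames in os.walk(root):
        if max_depth is not None and dirpath.count(os.sep) - base >= max_depth:
            dirnames[:] = []  # do not descend below the depth limit
        targets += [os.path.join(dirpath, f) for f in sorted(filenames)]
    report = []
    for path in targets:
        with open(path, "rb") as fh:
            name = match_signature(fh.read())
        if name:
            report.append((path, name, apply_action(path, name, action, quarantine_dir)))
    return report
```

With max_depth=0 only the files directly inside the given directory are scanned. The list of targets is collected before any action runs, so a quarantine directory created during the scan is not itself rescanned.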

More in the manual page

You can find more about the supported command line options in the bdscan(8) manual page.
