6. 5
ESET, spol. s r. o. ESET Endpoint Antivirus ESET, spol. s r. o. www.eset.com ESET, spol. s r. o. www.eset.com/support 2017/10/13
1. ESET Endpoint Antivirus ESET Endpoint Antivirus 6 ThreatSense ESET Endpoint Antivirus 6 Rootkit Internet ESET Remote Administrator 6 1. 1 6 ESET Endpoint Antivirus 6 Web - Web - POP3 IMAP - - 6.1 - ESET Endpoint Antivirus - 1. 2 ESET Endpoint Antivirus Intel 32 64 macOS 10.9 macOS Server 10.7 300 MB 200 MB 5
2. ESET Remote Administrator ESET Remote Administrator (ERA) 6 ESET ESET Remote Administrator ESET ESET Remote Administrator ESET ESET Microsoft Linux MacOS ERA ESET ESET Remote Administrator 2. 1 ESET Remote Administrator Server ESET Remote Administrator Server ESET Remote Administrator ERA 8 ERA ERA ERA Server ERA Server ERA Server RD Sensor ERA Server ERA Web 7 ESET 6
2. 2 Web ERA Web Web ERA Server 6 ESET Web ESET Web Internet ESET Remote Administrator Web Web IPv4/IPv6 Enter 2. 3 ERA ESET Remote Administrator 10,000 ERA ERA ERA Server 6 ERA ERA ERA ERA Server ERA ERA ERA Server ERA ERA ERA ERA Server ERA ERA ESET ERA Server ERA 7
2. 4 ERA ESET Remote Administrator ESET ESET Endpoint Antivirus ERA Server ESET ERA ESET 1. 2. 3. ESET ESET ESET 2. 5 RD Sensor RD (Rogue Detection) Sensor ESET Remote Administrator ESET Remote Administrator Web RD Sensor ERA Server ERA Server 8
3. ESET Endpoint Antivirus CD/DVD CD/DVD-ROM ESET Endpoint Antivirus 9 11 10 3. 1 ESET Live Grid ESET Live Grid ESET ESET Live Grid 33 9
ESET Endpoint Antivirus 21 3. 2 ESET Endpoint Antivirus Web IP URL (3128 ( ) ESET Live Grid ESET Live Grid ESET ESET Live Grid 33 ESET Endpoint Antivirus 21 10
3. 3 ESET Remote Administrator ESET Endpoint Antivirus 1. ESET 2. 12 11 ESET Remote Administrator 6 macos 3. 3. 1 ESET Endpoint Antivirus Web IP URL (3128 ( ) ESET Live Grid ESET Live Grid ESET ESET Live Grid 33 (esets_remote_install.pkg) Shell (esets_setup.sh) Shell (esets_remote_uninstall.sh) 11
3. 3. 2 Apple Remote Desktop macos (.pkg) Shell ESET Endpoint Antivirus Apple Remote Desktop ESET Endpoint Antivirus 1. Apple Remote Desktop 2. + Shell (esets_setup.sh) 3. /tmp 4. ESET Remote Administrator ESET Remote Administrator 3. 3. 3 ESET Endpoint Antivirus 1. Apple Remote Desktop Shell (esets_remote_uninstall.sh - Shell /tmp /tmp/esets_remote_uninstall.sh ) 2. root 3. 3. 3. 4 Apple Remote Desktop ESET Endpoint Antivirus 12
4. CD/DVD ESET ESET Endpoint Antivirus macos ESET Endpoint Antivirus > > ESET Endpoint Antivirus - XXXX-XXXX-XXXX-XXXX-XXXX - ESET - ESET ESET License Administrator ESET Remote Administrator ESET Remote Administrator 13
ESET Endpoint Antivirus 6.3.85.0 sudo ./esets_daemon --wait-respond --activate key=xxxx-xxxx-xxxx-xxxx-xxxx XXXX-XXXX-XXXX-XXXX-XXXX ESET Endpoint Antivirus ESET License Administrator 14
5. ESET Endpoint Antivirus ESET Endpoint Antivirus CD/DVD Finder ESET Endpoint Antivirus (.dmg ) Finder CTRL ESET Endpoint Antivirus Contents > Helpers Uninstaller 15
6. ESET Endpoint Antivirus - Web - 21 - - - 30 31 34 36 - Internet 6. 1 ESET Endpoint Antivirus cmd+, - ESET Endpoint Antivirus cmd+o - ESET Endpoint Antivirus GUI cmd+q - ESET Endpoint Antivirus GUI macos ESET Endpoint Antivirus cmd+w - ESET Endpoint Antivirus GUI > > cmd+alt+l - cmd+alt+s - cmd+alt+q - 16
6. 2 ESET Endpoint Antivirus 6. 3 ESET ESET ESET Endpoint Antivirus 17
7. > 7. 1 7. 1. 1 > > - - - UPX PE_Compact PKLite ASPack Web 18 7. 1. 1. 1 IP/IPv6 - - - *? - - Web IP/IPv6 18
7. 1. 2 ThreatSense 23 ThreatSense 7. 1. 3 ThreatSense ThreatSense 23 ESET Endpoint Antivirus > Real-time - - CD DVD USB - > cmd+, > 19 7. 1. 3. 1 ThreatSense ThreatSense 23 ThreatSense - ESET Live Grid - OS X 10.10 Microsoft Word 2011 Word 2016 19
7. 1. 3. 2 ESET Endpoint Antivirus > > 7. 1. 3. 3 eicar.com EICAR ESET Remote Administrator /Applications/.esets/Contents/MacOS/esets_daemon --status RTPStatus=Enabled RTPStatus=Disabled BASH ESET Endpoint Antivirus 7. 1. 3. 4 > ESET 20
7. 1. 4 > Finder ESET Endpoint Antivirus /Applications 7. 1. 4. 1 7. 1. 4. 1. 1 24 21
7. 1. 4. 1. 2 > > 7. 1. 4. 2 7. 1. 4. 3 > cmd+, > ThreatSense 23 : ThreatSense 22
7. 1. 5 ThreatSense ThreatSense ESET ThreatSense Rootkit ThreatSense > cmd+, ThreatSense ThreatSense ThreatSense - - - Web ThreatSense ThreatSense 7. 1. 5. 1 - - - - rar zip arj tar - - UPX yoda ASPack FGS 23
7. 1. 5. 2 - - ESET 7. 1. 5. 3 3 - - - 7. 1. 5. 4 ThreatSense log,cfg tmp log cfg tmp 7. 1. 5. 5 : : : 10 : 24
7. 1. 5. 6 ESET ESET Endpoint Antivirus ThreatSense 7. 1. 6 USB CD DVD 1. 2. 21 3. ESET Endpoint Antivirus - - 7. 2 Web Web > Web Web - Web HTTP - POP3 IMAP - ESET 25
7. 2. 1 Web Web Web HTTP Web HTTP 26 URL 26 7. 2. 1. 1 HTTP 80 8080 3128 7. 2. 1. 2 URL URL HTTP URL URL URL URL *?? 7. 2. 2 POP3 IMAP ThreatSense POP3 IMAP ThreatSense - - HTML - - - - - 26
POP3 IMAP POP3 IMAP 27 27 7. 2. 2. 1 POP3 POP3 ESET Endpoint Antivirus POP3 110 POP3 POP3 7. 2. 2. 2 IMAP Internet (IMAP) Internet POP3 IMAP ESET Endpoint Antivirus IMAP IMAP 143 IMAP IMAP 7. 3 PIN > > ESET 27
8. ESET Endpoint Antivirus - HDD USB CD/DVD USB ESET Endpoint Antivirus > 30 8. 1 > > ESET Endpoint Antivirus ESET Endpoint Antivirus USB FireWire 28
- - - - ID - - CD/DVD CD/DVD? 30 - - - - - - 29
9. 9. 1 ESET Endpoint Antivirus ESET Endpoint Antivirus > 1. - 2. - ESET Endpoint Antivirus 3. - 4. - 5. - Web 26 URL IP 9. 1. 1 ESET Endpoint Antivirus > > > - - CSV : eventslog.txt threatslog.txt 30
scanlog. NUMBER.txt devctllog.txt 31 9. 1. 2 - - - - - 9. 2 ESET Endpoint Antivirus 31
CTRL 9. 2. 1 CTRL 5 nobody macos 1. 2. 3. cron 33 4. 5. ESET Endpoint Antivirus > > 32
9. 2. 2 cron 6 (0-59) (0-23) (1-31) (1-12) (1970-2099) (0-7)( = 0 7) 30 6 22 3 2012 4 cron (*) - 3 (-) - 3-9 (,) - 1,3,7,8 (/) - 3-28/5 3 3 5 (Monday-Sunday) (January-December) 9. 3 Live Grid Live Grid ESET Live Grid Live Grid 1. Live Grid ESET Endpoint Antivirus 2. Live Grid ESET ESET Live Grid ESET Live Grid > > Live Grid ESET Live Grid ( ) Live Grid 33
9. 3. 1 ESET Endpoint Antivirus ESET > > Live Grid > > - ESET Live Grid ESET ESET # utc_time=2005-04-14 07:21:28 # country= Slovakia # language= ENGLISH # osver=9.5.0 # engine=5417 # components=2.50.2 # moduleid=0x4e4f4d41 # filesize=28368 # filename=users/userone/documents/incoming/rdgfr1463[1].zip - (.doc,.rtf ( ) - ESET 9. 4 ESET Endpoint Antivirus ESET ESET Endpoint Antivirus (/Library/Application Support/Eset/esets/cache/quarantine ) ESET Endpoint Antivirus 34
9. 4. 1 ESET Endpoint Antivirus Ctrl > ESET Endpoint Antivirus - 9. 4. 2 CTRL 9. 4. 3 ESET CTRL 9. 5 ESET Endpoint Antivirus > > > 9. 6 CPU > > > ESET Endpoint Antivirus 35
9. 7 ESET Endpoint Antivirus ESET Live Grid - /Applications/Utilities ) - ESET Endpoint Antivirus ESET Live Grid ESET - ESET Live Grid - ESET Live Grid ID - - - - ID - - - 36
10. > > ESET Endpoint Antivirus macos ESET Endpoint Antivirus cmd+tab ESET Endpoint Antivirus ESET Endpoint Antivirus 16 MacOS ESET Endpoint Antivirus ESET Endpoint Antivirus macos ESET Endpoint Antivirus 10. 1 ESET Endpoint Antivirus 37 X 5 ESET Endpoint Antivirus 6.2 37 10. 1. 1 ESET Endpoint Antivirus > > > ESET Endpoint Antivirus 10. 1. 2 ESET Endpoint Antivirus > > > ESET Endpoint Antivirus Web 37
10. 2 ESET Endpoint Antivirus > > CTRL Finder 38
11. ESET Endpoint Antivirus 39-13 43 ESET 11. 1 ESET 39
ESET Endpoint Antivirus ESET ESET Endpoint Antivirus HTTP 43 1. 2. ESET Endpoint Antivirus IP (3128 3. ESET Endpoint Antivirus macos macos > > > > HTTP ESET Endpoint Antivirus MacBooks 11. 1. 1 ESET Endpoint Antivirus ESET Endpoint Antivirus - 7 40
11. 2 > > ESET Endpoint Antivirus 31 11. 3 ESET Endpoint Antivirus CD/DVD ESET Endpoint Antivirus 11. 4 macos ESET Endpoint Antivirus > > > - - macos macos ESET Endpoint Antivirus [ ] - [ ] - [ ] - 41
softwareupdate softwareupdate man softwareupdate softwareupdate 42
12. 12. 1 ESET Endpoint Antivirus > ESET Endpoint Antivirus ESET Endpoint Antivirus 12. 2 > > ESET Endpoint Antivirus Internet ESET Endpoint Antivirus Basic Access NTLM (NT LAN Manager) IP URL (3128 43
12. 3 > > ESET ESET Endpoint Antivirus - IP - (3537 - ESET ESET 44