6 5
ESET, spol. s r.o. ESET Endpoint Security ESET, spol. s r.o. www.eset.com ESET, spol. s r.o. www.eset.com/support 10/13/2017
Contents
1 ESET Endpoint Security
1.1 What's new in version 6
1.2 System requirements
2 Users connecting via ESET Remote Administrator
2.1 ESET Remote Administrator Server
2.2 Web Console
2.3 Proxy
2.4 Server agent
2.5 RD Sensor
3 Installation
3.1 Typical installation
3.2 Custom installation
3.3 Remote installation
3.3.1 Creating a remote installation package
3.3.2 Remote installation on target computers
3.3.3 Remote uninstallation
3.3.4 Remote upgrade
4 Product activation
5 Uninstallation
6 Basic overview
6.1 Keyboard shortcuts
6.2 Checking operation of the system
6.3 What to do if the program does not work properly
7 Computer protection
7.1 Antivirus and antispyware protection
7.1.1 General
7.1.1.1 Exclusions
7.1.2 Startup protection
7.1.3 Real-time file system protection
7.1.3.1 Advanced options
7.1.3.2 When to modify Real-time protection configuration
7.1.3.3 Checking Real-time protection
7.1.3.4 What to do if Real-time protection does not work
7.1.4 On-demand computer scan
7.1.4.1 Type of scan
7.1.4.1.1 Smart scan
7.1.4.1.2 Custom scan
7.1.4.2 Scan targets
7.1.4.3 Scan profiles
7.1.5 ThreatSense engine parameters setup
7.1.5.1 Objects
7.1.5.2 Options
7.1.5.3 Cleaning
7.1.5.4 Exclusions
7.1.5.5 Limits
7.1.5.6 Others
7.1.6 An infiltration is detected
7.2 Web and email protection
7.2.1 Web access protection
7.2.1.1 Ports
7.2.1.2 URL lists
7.2.2 Email protection
7.2.2.1 POP3 protocol checking
7.2.2.2 IMAP protocol checking
7.3 Anti-Phishing protection
8 Firewall
8.1 Filtering modes
8.2 Firewall rules
8.2.1 Creating new rules
8.3 Firewall zones
8.4 Firewall profiles
8.5 Firewall logs
9 Device control
9.1 Rules editor
10 Web control
11 Tools
11.1 Log files
11.1.1 Log maintenance
11.1.2 Log filtering
11.2 Scheduler
11.2.1 Creating new tasks
11.2.2 Creating user-defined tasks
11.3 Live Grid
11.3.1 Suspicious files
11.4 Quarantine
11.4.1 Quarantining files
11.4.2 Restoring a quarantined file
11.4.3 Submitting a file from Quarantine
11.5 Privileges
11.6 Presentation mode
11.7 Running processes
12 User interface
12.1 Alerts and notifications
12.1.1 Display alerts
12.1.2 Protection statuses
12.2 Context menu
13 Update
13.1
13.1.1
13.2
13.3
13.4
14
14.1
14.2
14.3
1 ESET Endpoint Security ESET Endpoint Security 6 ThreatSense ESET Endpoint Security 6 Rootkit Internet ESET Remote Administrator 6 1 1 6 ESET Endpoint Security 6 - IDS (Intrusion detection system) Web - Web - Web - POP3 IMAP - - 61 - ESET Endpoint Security - 1 2 ESET Endpoint Security Intel 32 64 macOS 109 300 MB 200 MB 5
2 ESET Remote Administrator ESET Remote Administrator (ERA) 6 ESET ESET Remote Administrator ESET ESET Remote Administrator ESET ESET Microsoft Linux MacOS ERA ESET ESET Remote Administrator 2 1 ESET Remote Administrator Server ESET Remote Administrator Server ESET Remote Administrator ERA 8 ERA ERA ERA Server ERA Server ERA Server RD Sensor ERA Server ERA Web 7 ESET 6
2 2 Web ERA Web Web ERA Server 6 ESET Web ESET Web Internet ESET Remote Administrator Web Web IPv4/IPv6 Enter 2 3 ERA ESET Remote Administrator 10,000 ERA ERA ERA Server 6 ERA ERA ERA ERA Server ERA ERA ERA Server ERA ERA ERA ERA Server ERA ERA ESET ERA Server ERA 7
2 4 ERA ESET Remote Administrator ESET ESET Endpoint Security ERA Server ESET ERA ESET 1 2 3 ESET ESET ESET 2 5 RD Sensor RD (Rogue Detection) Sensor ESET Remote Administrator ESET Remote Administrator Web RD Sensor ERA Server ERA Server 8
3 ESET Endpoint Security CD/DVD CD/DVD-ROM ESET Endpoint Security 9 10 10 3 1 ESET Live Grid ESET Live Grid ESET ESET Live Grid 31 ESET Endpoint Security 18 9
3 2 ESET Endpoint Security Web IP URL (3128 ( ) ESET Live Grid ESET Live Grid ESET ESET Live Grid 31 24 ESET Endpoint Security 18 3 3 ESET Remote Administrator ESET Endpoint Security 1 ESET 10 2 11 ESET Remote Administrator 6 macos 3 3 1 ESET Endpoint Security Web IP URL (3128 ( ) 10
ESET Live Grid ESET Live Grid ESET ESET Live Grid 31 24 (esets_remote_installpkg) Shell (esets_setupsh) Shell (esets_remote_uninstallsh) 3 3 2 Apple Remote Desktop macos (pkg) Shell ESET Endpoint Security Apple Remote Desktop ESET Endpoint Security 1 Apple Remote Desktop 2 + Shell (esets_setupsh) 3 /tmp 4 ESET Remote Administrator ESET Remote Administrator 3 3 3 ESET Endpoint Security 1 Apple Remote Desktop Shell ( esets_remote_uninstallsh - Shell /tmp /tmp/esets_remote_uninstallsh ) 2 root 3 3 3 4 Apple Remote Desktop ESET Endpoint Security 11
4 CD/DVD ESET ESET Endpoint Security macos ESET Endpoint Security > > ESET Endpoint Security - XXXX-XXXX-XXXX-XXXX-XXXX - ESET - ESET ESET License Administrator ESET Remote Administrator ESET Remote Administrator ESET Endpoint Security 63850 sudo /esets_daemon --wait-respond --activate key=xxxx-xxxx-xxxx-xxxx-xxxx XXXX-XXXX-XXXX-XXXX-XXXX ESET Endpoint Security ESET License Administrator 12
5 ESET Endpoint Security ESET Endpoint Security CD/DVD Finder ESET Endpoint Security ( dmg ) Finder CTRL ESET Endpoint Security Contents > Helpers Uninstaller 13
6 ESET Endpoint Security - Web - 18 - - - 29 30 32 34 - Internet 6 1 ESET Endpoint Security cmd+, - ESET Endpoint Security cmd+o - ESET Endpoint Security GUI cmd+q - ESET Endpoint Security GUI macos ESET Endpoint Security cmd+w - ESET Endpoint Security GUI > > cmd+alt+l - cmd+alt+s - cmd+alt+q - 14
6 2 ESET Endpoint Security 6 3 ESET ESET ESET Endpoint Security 15
7 > 7 1 7 1 1 > > - - - UPX PE_Compact PKLite ASPack Web 16 7 1 1 1 IP/IPv6 - - - *? - - Web IP/IPv6 7 1 2 ThreatSense 20 ThreatSense 16
7 1 3 ThreatSense ThreatSense 20 ESET Endpoint Security > Real-time - - CD DVD USB - > cmd+, > 17 7 1 3 1 ThreatSense ThreatSense 20 ThreatSense - ESET Live Grid - OS X 1010 Microsoft Word 2011 Word 2016 7 1 3 2 ESET Endpoint Security > > 7 1 3 3 eicarcom EICAR ESET Remote Administrator /Applications/esets/Contents/MacOS/esets_daemon --status RTPStatus=Enabled RTPStatus=Disabled 17
BASH ESET Endpoint Security 7 1 3 4 > ESET 7 1 4 > Finder ESET Endpoint Security /Applications 18
7 1 4 1 7 1 4 1 1 21 7 1 4 1 2 > > 7 1 4 2 7 1 4 3 > cmd+, > 19
ThreatSense 20 : ThreatSense 7 1 5 ThreatSense ThreatSense ESET ThreatSense Rootkit ThreatSense > cmd+, ThreatSense ThreatSense ThreatSense - - - Web ThreatSense ThreatSense 7 1 5 1 - - - - rar zip arj tar - - UPX yoda ASPack FGS 7 1 5 2 - - ESET 20
7 1 5 3 3 - - - 7 1 5 4 ThreatSense log, cfg tmp log cfg tmp 7 1 5 5 : : : 10 : 7 1 5 6 ESET ESET Endpoint Security ThreatSense 21
7 1 6 USB CD DVD 1 2 19 3 ESET Endpoint Security - - 7 2 Web Web > Web Web - Web HTTP - POP3 IMAP - ESET Web - 7 2 1 Web Web Web HTTP Web HTTP 22 URL 22 7 2 1 1 HTTP 80 8080 3128 7 2 1 2 URL URL HTTP URL URL URL URL *?? 22
7 2 2 POP3 IMAP ThreatSense POP3 IMAP ThreatSense - - HTML - - - - - POP3 IMAP POP3 23 IMAP 23 7 2 2 1 POP3 POP3 ESET Endpoint Security POP3 110 POP3 POP3 7 2 2 2 IMAP Internet (IMAP) Internet POP3 IMAP ESET Endpoint Security IMAP IMAP 143 IMAP IMAP 7 3 PIN > > ESET 23
8 HTTP POP3 IMAP > 8 1 ESET Endpoint Security > > - - - > 8 2 Apple Apple 24
8 2 1 1 /Applications 2 ESET Endpoint Security > 3 TCP UDP 4 IP Internet 8 3 IPv4/IPv6 WiFi 8 4 ESET Endpoint Security 8 5 ESET Endpoint Security > ESET 25
9 ESET Endpoint Security - HDD USB CD/DVD USB ESET Endpoint Security > 29 9 1 > > ESET Endpoint Security ESET Endpoint Security USB FireWire - - - - ID - - CD/DVD CD/DVD 26
? 29 - - - - - - 27
10 Web Web Web 27 140 Web > > Web Web URL Web 29 URL - URL/ URL URL? TLD examplepagecom examplepagesk URL subexamplepagecom - URL/ - URL - URL 30 - - - - - 28
11 11 1 ESET Endpoint Security ESET Endpoint Security > 1-2 - ESET Endpoint Security 3-4 - 5-6 Web - URL 7 - Web 22 Web 28 URL IP 11 1 1 ESET Endpoint Security > > > - - CSV : eventslogtxt threatslogtxt scanlog NUMBER txt devctllogtxt firewalllogtxt webctllogtxt Web 30 29
11 1 2 - - - - - 11 2 ESET Endpoint Security CTRL 30
11 2 1 CTRL 5 nobody macOS 1 2 3 cron 31 4 5 ESET Endpoint Security > > 11 2 2 cron 6 (0-59) (0-23) (1-31) (1-12) (1970-2099) (0-7)( = 0 7) 30 6 22 3 2012 4 cron (*) - 3 (-) - 3-9 (,) - 1,3,7,8 (/) - 3-28/5 3 3 5 (Monday-Sunday) (January-December) 11 3 Live Grid Live Grid ESET Live Grid Live Grid 1 Live Grid ESET Endpoint Security 2 Live Grid ESET ESET Live Grid 31
ESET Live Grid > > Live Grid ESET Live Grid ( ) Live Grid 11 3 1 ESET Endpoint Security ESET > > Live Grid > > - ESET Live Grid ESET ESET # utc_time=2005-04-14 07:21:28 # country= Slovakia # language= ENGLISH # osver=950 # engine=5417 # components=2502 # moduleid=0x4e4f4d41 # filesize=28368 # filename=users/userone/documents/incoming/rdgfr1463[1]zip - (doc, rtf ( ) - ESET 11 4 ESET Endpoint Security ESET ESET Endpoint Security ( /Library/Application Support/Eset/esets/cache/quarantine ) ESET Endpoint Security 11 4 1 ESET Endpoint Security Ctrl > ESET Endpoint Security - 32
11 4 2 CTRL 11 4 3 ESET CTRL 11 5 ESET Endpoint Security > > > 11 6 CPU > > > ESET Endpoint Security Internet Internet 33
11 7 ESET Endpoint Security ESET Live Grid - /Applications/Utilities ) - ESET Endpoint Security ESET Live Grid ESET - ESET Live Grid - ESET Live Grid ID - - - - ID - - - 34
12 > > ESET Endpoint Security macos ESET Endpoint Security cmd+tab ESET Endpoint Security ESET Endpoint Security 14 MacOS ESET Endpoint Security ESET Endpoint Security macos ESET Endpoint Security 12 1 ESET Endpoint Security 35 X 5 ESET Endpoint Security 62 35 12 1 1 ESET Endpoint Security > > > ESET Endpoint Security 12 1 2 ESET Endpoint Security > > > ESET Endpoint Security Web 35
12 2 ESET Endpoint Security > > CTRL Finder 36
13 ESET Endpoint Security 37-12 40 ESET 13 1 ESET ESET Endpoint Security ESET ESET Endpoint Security 37
HTTP 40 1 2 ESET Endpoint Security IP (3128 3 ESET Endpoint Security macos macos > > > > HTTP ESET Endpoint Security MacBooks 13 1 1 ESET Endpoint Security ESET Endpoint Security - 7 13 2 > > ESET Endpoint Security 30 13 3 ESET Endpoint Security CD/DVD ESET Endpoint Security 38
13 4 macos ESET Endpoint Security > > > - - macos macos ESET Endpoint Security [ ] - [ ] - [ ] - softwareupdate softwareupdate man softwareupdate softwareupdate 39
14 14 1 ESET Endpoint Security > ESET Endpoint Security ESET Endpoint Security 40 14 2 > > ESET Endpoint Security Internet ESET Endpoint Security Basic Access NTLM (NT LAN Manager) IP URL (3128 14 3 > > ESET ESET Endpoint Security - IP - (3537 - ESET ESET