Webwasher 6.0.1 Anti-Malware User's Guide - McAfee

More documents

Recommendations

Info

Content Security 4–62 Using this section, you can configure actions for unsolicited POSTs. The method provided here detects unsolicited uploading of potentially private data via HTTP POST requests, which is a kind of “Phone Home” activity. If you want to use this feature, mark the checkbox next to the section heading. After specifying this setting or the action settings, click on Apply Changes to make these settings effective. Use the following drop-down list to configure an action for unsolicited POSTs: • Unsolicited POST detected From the drop-down list provided here, select an action, e. g. Block, Allow, etc., to have it performed whenever an unsolicited POST is detected. Lock out client computers with PUPs installed The section labeled Lock out client computers with PUPs installed looks like this: Using this section, you can configure actions to be performed for all requests from a client when it has been detected that Potentially Unwanted Programs (PUPs) are installed on this client. The client will be treated as having been locked out in this case. This may be useful for the following reasons: The blocked request may have been sent by an adware or spyware program “in the background”. The block message sent by <strong>Webwasher</strong> may thus not be visible to the user. So, when notifying the user of the potential infection, it may be be desired to block all regular Web access for this user over a given period. Furthermore, the blocked request may not be the only request sent by the adware or spyware program. As <strong>Webwasher</strong> may not detect all requests sent by the infected client, it may be desirable to quarantine this client until it has been thoroughly cleaned. Detection of PUPs on a client is achieved by the three methods that can also be configured on this tab. A list of the locked-out clients is provided in the Currently locked-out client computers section, which is also located on this tab.
Content Security If you want to use the feature provided here, make sure the checkbox next to the section heading is marked. The checkbox is marked by default. After modifying this setting or any other setting in this section, click on Apply Changes to make these modification effective. Use the following drop-down list and input fields buttons to configure the lockout of clients: • Request sent by a locked-out client computer From the drop-down list provided here, select an action, e. g. Block, Allow, etc., to have it performed whenever a request is sent by a locked-out client. Select an action here, e. g. Block, Allow, etc., that should be executed in this situation. • Clients should be treated as locked out for . . . seconds, whenever they yielded at least . . . of the above listed PUP identification criteria within a period of . . . seconds In the input fields provided here, enter the appropriate values to specify the parameters for treating a client as locked out. By default, a client is locked out for five minutes after three of the infection criteria have been found to apply within a quarter of an hour. Currently locked-out client computers The Currently locked-out client computers section looks like this: This section displays a list of the clients that are currently treated as locked out because it has been detected that Potentially Unwanted Programs are installed on them. The section labeled LockoutclientcomputerswithPUPsinstalledon this tab shows you if the lock-out option is enabled and how its parameters are set. 4–63
Page 1 and 2:
USER’S GUIDE Webwasher Anti-Malwa
Page 3 and 4:
Contents Chapter 1 Introduction ...
Page 5:
Contents 4.9 Proactive Scanning Cac
Page 8 and 9:
Introduction 1.1 About This Guide T
Page 10 and 11:
Introduction 1.3.1 First Level Tabs
Page 12 and 13:
Introduction 1-6 Otherwise, you cou
Page 14 and 15:
Introduction 1-8 When you are attem
Page 16 and 17:
Introduction 1-10 Search A Search i
Page 18 and 19:
Introduction 1.4.1 Documentation on
Page 20 and 21:
Introduction 1.5 The Webwasher Prod
Page 23 and 24:
Home Chapter 2 The features that ar
Page 25 and 26:
2.2.1 Overview (Feature) The Overvi
Page 27 and 28:
System Summary The System Summary s
Page 29 and 30:
2.3 Support 2.3.1 Support Home The
Page 31 and 32:
2.4 Feedback Home The Feedback opti
Page 33 and 34:
URL Filter Database Feedback The UR
Page 35 and 36:
Home The default interval is 240 mi
Page 37 and 38:
Use the following items to configur
Page 39 and 40:
Home Using this section, you can ad
Page 41 and 42:
2.5.1 Documentation on Main Product
Page 43 and 44:
2.5.2 Documentation on Special Prod
Page 45 and 46:
Home To view any of the documents l
Page 47 and 48:
They are described in the following
Page 49 and 50:
Home To what extent you are allowed
Page 51 and 52:
2.7.1 Information The Information t
Page 53 and 54:
To import a license, proceed as fol
Page 55 and 56:
Home After specifying the appropria
Page 57 and 58:
Common Chapter 3 The features that
Page 59 and 60:
3.2.1 Actions Common To do this, se
Page 61 and 62:
• Non-rectifiable media types wit
Page 63 and 64:
3.2.2 Media Type Black List The Med
Page 65 and 66:
Common This addition will be valid
Page 67 and 68:
Media Type White List The Media Typ
Page 69 and 70:
3.3 Document Inspector Common The D
Page 71 and 72:
Document Download Filter The Docume
Page 73 and 74:
Common This active content may be h
Page 75 and 76:
Common • Structured Storage docum
Page 77 and 78:
Archive Handling The Archive Handli
Page 79 and 80:
3.5.1 Generic Header Filter The Gen
Page 81 and 82:
3.6 Generic Body Filter Common The
Page 83 and 84:
Body Filter List The Body Filter Li
Page 85 and 86:
3.7.1 Settings • Dimension Filter
Page 87 and 88:
— Windows Common Enables or disab
Page 89 and 90:
— Applets Enables or disables the
Page 91 and 92:
Animation Filter The Animation Filt
Page 93 and 94:
3.7.2 Link Filter List Then check t
Page 95 and 96:
— do not filter Common Enable thi
Page 97 and 98:
Dimension Filter List The Dimension
Page 99 and 100:
3.8 Privacy Filters Common The Priv
Page 101 and 102:
Using this section, you can configu
Page 103 and 104:
Cookie Filter The Cookie Filter sec
Page 105 and 106:
3.8.2 Cookie Filter List The Cookie
Page 107 and 108:
3.9 The Cookie Filter List is displ
Page 109 and 110:
Text Categorization The Text Catego
Page 111 and 112:
Text Categorization List The Text C
Page 113 and 114:
3.10 Common If the number of entrie
Page 115 and 116:
White List The White List section l
Page 117 and 118:
Common To sort the list in ascendin
Page 119 and 120:
User Defined Categories The User De
Page 121 and 122:
3.12.1 Media Type Catalog The Media
Page 123 and 124:
Common The media type tells the app
Page 125:
Use the following items to perform
Page 128 and 129:
Content Security 4.1 Overview 4.2 T
Page 130 and 131:
Content Security 4-4 Virus Scanning
Page 132 and 133:
Content Security 4.2.2 Potentially
Page 134 and 135:
Content Security The options are ar
Page 136 and 137:
Content Security 4-10 Depending on
Page 138 and 139: Content Security 4.3.2 Setup Wizard
Page 140 and 141: Content Security 4-14 In general, t
Page 142 and 143: Content Security 4.3.3 About 4-16 T
Page 144 and 145: Content Security 4-18 ActiveX Contr
Page 146 and 147: Content Security 4-20 ActiveX Analy
Page 148 and 149: Content Security 4-22 Windows Execu
Page 150 and 151: Content Security 4.3.7 General Opti
Page 152 and 153: Content Security 4-26 Malware Queue
Page 154 and 155: Content Security 4-28 Scan Other Me
Page 156 and 157: Content Security 4.3.8 Special Wind
Page 158 and 159: Content Security The checkbox is ma
Page 160 and 161: Content Security 4-34 Windows Execu
Page 162 and 163: Content Security 4-36 Dynamic Link
Page 164 and 165: Content Security 4-38 At the top of
Page 166 and 167: Content Security 4-40 Java Applets
Page 168 and 169: Content Security 4-42 Use the check
Page 170 and 171: Content Security 4-44 Java Applicat
Page 172 and 173: Content Security 4.3.14 JavaScript
Page 174 and 175: Content Security 4-48 — Usage of
Page 176 and 177: Content Security 4-50 Script Analys
Page 178 and 179: Content Security 4-52 You can confi
Page 180 and 181: Content Security 4-54 Note that the
Page 182 and 183: Content Security 4.3.16 Visual Basi
Page 184 and 185: Content Security 4-58 — Usage of
Page 186 and 187: Content Security 4-60 Forbid unknow
Page 190 and 191: Content Security Use the following
Page 192 and 193: Content Security 4-66 Unsigned Cont
Page 194 and 195: Content Security 4-68 You can confi
Page 196 and 197: Content Security 4-70 Certificate A
Page 198 and 199: Content Security 4-72 Note that bes
Page 200 and 201: Content Security 4-74 Software Vend
Page 202 and 203: Content Security 4.5 Embedded Objec
Page 204 and 205: Content Security 4-78 They can be u
Page 206 and 207: Content Security 4.5.2 ActiveX List
Page 208 and 209: Content Security 4-82 — Add to Ac
Page 210 and 211: Content Security 4.6.1 Embedded Scr
Page 212 and 213: Content Security This feature requi
Page 214 and 215: Content Security 4-88 So, you can b
Page 216 and 217: Content Security 4.8.1 Global Trust
Page 218 and 219: Content Security 4.9 • Delete Sel
Page 220: Content Security 4-94 After modifyi
show all

Webwasher 6.0.1 Anti-Malware User's Guide - McAfee

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?