VirusScan for Linux 1.7 Best Practices Guide - Errors - McAfee

Best Practices Guide 

McAfee VirusScan Enterprise for Linux 

1.7.0

COPYRIGHT 

Copyright © 2012 McAfee, Inc. Do not copy without permission. 

TRADEMARK ATTRIBUTIONS 

McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee Artemis, McAfee CleanBoot, McAfee DeepSAFE, ePolicy Orchestrator, 

McAfee ePO, McAfee EMM, McAfee Enterprise Mobility Management, Foundscore, Foundstone, McAfee NetPrism, McAfee Policy Enforcer, Policy Lab, 

McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, SmartFilter, McAfee Stinger, McAfee Total Protection, 

TrustedSource, VirusScan, WaveSecure, WormTraq are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and 

other countries. Other names and brands may be claimed as the property of others. 

LICENSE INFORMATION 

License Agreement 

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS 

FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU 

HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR 

SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A 

FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET 

FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF 

PURCHASE FOR A FULL REFUND. 

2 McAfee VirusScan Enterprise for Linux 1.7.0 Best Practices Guide

Contents 

1 Introduction 5 

Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 

2 Hardware and software requirements 7 

3 Pre-installation instructions 9 

Standalone machine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 

Managed using ePolicy Orchestrator . . . . . . . . . . . . . . . . . . . . . . . . . . 10 

4 Post-installation instructions 11 

Standalone machine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 

Testing On-access scanning . . . . . . . . . . . . . . . . . . . . . . . . . . 11 

Testing On-demand scanning . . . . . . . . . . . . . . . . . . . . . . . . . . 12 

Managed using ePolicy Orchestrator . . . . . . . . . . . . . . . . . . . . . . . . . . 12 

Testing On-demand scanning . . . . . . . . . . . . . . . . . . . . . . . . . . 12 

Details of managed nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 

Configuring policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 

Default Queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 

5 Product Configurations 15 

Scanning policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 

On-access policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 

On-demand policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 

On-demand scanning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 

Anti-virus exclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 

Recovering quarantined items . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 

Run-time kernel modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 

Third-party software coexistence . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 

6 Tips and Tricks 19 

7 KnowledgeBase articles 21 

McAfee VirusScan Enterprise for Linux 1.7.0 Best Practices Guide 3

Contents 


1 Introduction 1 

Features 

McAfee VirusScan Enterprise for Linux delivers always on, real‑time anti‑virus protection for Linux 

environments. Its unique, Linux‑based on‑access scanner constantly monitors the system for potential 

attacks. 

McAfee VirusScan Enterprise for Linux protects the Linux servers and desktops from viruses, Trojan 

horses, potentially unwanted programs, and other malware. 

This section describes the product features for the McAfee VirusScan Enterprise for Linux software. 

Features include: 

• Run‑time Kernel Module Support. 

• Support for the following Cluster services: 

• Novell Cluster Services (NCS) 

• Corosync OCFS2 File System Cluster 

• Red Hat GFS2 Clustering File System 

• Support for auditing subsystem. 

• Support for SAN and NAS. 

• Integration with Anti‑virus Engine version 5400. 

• Integration with McAfee Agent (MA) version 4.5 Patch 2, 4.6 and 4.6.1. 

• Integration with McAfee ePolicy Orchestrator (ePO) version 4.5.x , 4.6 and 4.6.1. 

• Enhanced File System support for on‑access scanning. Refer the KnowledgeBase article KB73344. 

• Default queries in ePolicy Orchestrator for compliance and threat event reports. 

• SMTP Notification mechanism. 

• History of critical events such as malware detections, on‑demand scanning and DAT/Engine 

updates. 

• Support for on‑demand and scheduled scan tasks simultaneously. 

• Web‑based interface to manage the software from anywhere. 

• Mod‑versioning for automatic kernel support. 

• Regular‑Expression based exclusions for on‑access scan and on‑demand scan from the user 

interface. 


1 

Introduction 

Features 


2 Hardware 

and software requirements 

The following hardware and software are required: 

Supported operating systems (32‑bit/64‑bit) 

• SuSE Linux Enterprise Server/Desktop 10.x 

• SuSE Linux Enterprise Server/Desktop 11.x 

• Red Hat Enterprise 5.x Advanced Platform, Desktop 

• Red Hat Enterprise 6.x Server,Workstation, Client 

• Novell Open Enterprise Server 2.x 

• CentOS 5.x 

• CentOS 6.x 

• Ubuntu 10.04, 10.10 and 11.04 (Desktop/Server edition) 

Supported kernels 

• McAfee VirusScan Enterprise for Linux v1.7 supports all kernels available on the supported 

distributions. 

Supported processors 

• Intel x86 architecture‑based processor 

• Intel x86_64 architecture‑based processor that supports Intel Extended Memory 64 Technology 

(Intel EM64T) 

• AMD x86_64 architecture‑based processor with AMD 64‑bit technology 

Memory 

• Minimum: 2 GB 

• Recommended: 4 GB 

Free Disk space 

• Minimum: 1 GB 

Supported browsers 

• Microsoft Internet Explorer 5.5, 6.0, 7.0 and 8.0 

• Konqueror 3.5.1, 4.1.3, 4.2.x, and 4.3.x 


2 

Hardware and software requirements 

• Mozilla 0.9.9, 1.0.1, 1.2.1, 1.4, 1.6, 1.7.8, 1.8.x, and 1.9.x 

• Firefox 1.0, 1.5, 2.0, 3.0, 3.5, 3.6, 4.0, 5.0, and 6.0 

Supported McAfee Management software 

• McAfee ePolicy Orchestrator 4.5 

• McAfee ePolicy Orchestrator 4.6 

Supported McAfee Agent software 

• McAfee Agent 4.5 Patch 2 

• McAfee Agent 4.6 

Display 

Monitor screen with a recommended minimum resolution of 1024 x 768. 


3 Pre-installation 

instructions 

This chapter covers the pre‑installation requirements and list of actions you must follow as a best 

practice, before installing McAfee VirusScan Enterprise for Linux. 

Contents 

Standalone machine 

Managed using ePolicy Orchestrator 


This section provides a list of actions you must perform before installing McAfee VirusScan Enterprise 

for Linux. This is applicable only when the suite is installed on a machine in unmanaged mode. 

• Make sure the system meets the minimum hardware and software requirements for installing 

McAfee VirusScan Enterprise for Linux. Refer to the Hardware and software requirements section. 

• You must have root or sudo privileges to install McAfee VirusScan Enterprise for Linux. This account 

must be part of sudo users and so that you could authenticate the credentials during product 

installation. 

• If you are installing McAfee VirusScan Enterprise for Linux on Open Enterprise server, you must 

create a user nails and group nailsgroup in your e‑directory and enable LUM (Linux User Management) 

for them. Provide nails user with administrative privileges on all the NSS volumes. For more 

information, refer the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide. 

• If you are installing VirusScan Enterprise for Linux on a 64‑bit RHEL 6.x system, ensure that the 

32‑bit RHEL 6.x PAM libraries are also installed. 

• If you are installing VirusScan Enterprise for Linux on a 64‑bit Ubuntu system, ensure that 32‑bit 

Ubuntu libraries are also installed. Refer to the following KnowledgeBase article for more details: 

https://kc.mcafee.com/corporate/index?page=content&id=KB71201 

• If you are installing VirusScan Enterprise for Linux on an Ubuntu system, make sure to run the 

installer script using bash shell. 

• Remove any previous versions of VirusScan Enterprise for Linux product prior to the LinuxShield 

version 1.5.1, before installing this version. 

• Make sure that there are no third‑party anti‑virus products installed on your machine. 


3 

Pre-installation instructions 



This section provides list of actions you must perform before deploying McAfee VirusScan Enterprise 

for Linux using McAfee ePolicy Orchestrator version 4.5.x or 4.6.x. 

• Use administrator credentials for the ePolicy Orchestrator service. 

• Make sure that McAfee Agent is checked‑in to ePolicy Orchestrator's repository. 

• Make sure the McAfee Agent extensions are checked‑in to ePolicy Orchestrator. 

• You can directly deploy McAfee Agent from ePO 4.6.x by clicking on the New Systems tab and pushing 

the non‑windows agent to the Linux client. 

• Make sure the system meets the minimum hardware and software requirements for installing 

McAfee VirusScan Enterprise for Linux. Refer to the Hardware and software requirements section. 

• To deploy McAfee VirusScan Enterprise for Linux with customized settings, copy the nails.options 

file to the /root and / directory on your Linux client system. To know how to create the nails 

.options file, refer the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide. 

• If you are installing McAfee VirusScan Enterprise for Linux on Open Enterprise server, you must 

create a user nails and group nailsgroup in your e‑directory and enable LUM (Linux User Management) 

for them. Provide nails user with administrative privileges on all the NSS volumes. For more 

information, refer the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide. 

• Remove any previous versions of VirusScan Enterprise for Linux product prior to the LinuxShield 

version 1.5.1, before installing this version. 

• Copy the install.sh file from ePolicy Orchestrator to your Linux clients using SCP, FTP or by 

downloading the install.sh from a browser onto your Linux client. For more instructions on how 

to download the file, refer the McAfee VirusScan Enterprise for Linux 1.7 — Installation Guide. 

If you are using FTP to copy install.sh file, ensure that you copy the file in binary mode. 

• Make sure that there are no third‑party anti‑virus products installed on your machine. 


4 Post-installation 

instructions 

This chapter provides instructions on what you need to verify after installing McAfee VirusScan 

Enterprise for Linux. This chapter has specific post‑installation instructions based on whether its a 

standalone installation or managed using ePolicy Orchestrator. 

Contents 




This section provides you information on what you need to verify after installing the software on a 

standalone machine. 

After installing McAfee VirusScan Enterprise for Linux, you must verify if the following functionalities 

are working properly: 

• On‑access scanning 

• On‑demand scanning 

To verify On‑access scan and On‑demand scan, we will use EICAR test file. The EICAR test file is a file, 

developed by the European Institute for Computer Antivirus Research, to test the response of 

computer anti‑virus programs. 

Before you begin testing, make sure that McAfee VirusScan Enterprise for Linux is updated with the 

latest DATs. 

Testing On-access scanning 

Use this task to verify on‑access scanning on a standalone machine. 

Ensure On‑Access scanning is disabled in McAfee VirusScan Enterprise for Linux On‑Access settings. 

Task 

1 From a web‑browser, go to: https://:55443 

2 Log on with the user name and password provided during installation. 

3 Click On‑Access Settings, then Edit. 

4 Deselect Enable On‑Access scanning and click Apply. 

5 From your browser, go to: http://eicar.org. 

6 Click ANTI‑MALWARE TESTFILE and follow the instructions mentioned in The Anti‑Malware Testfile 

section to create the test file on the desktop. 


4 

Post-installation instructions 


7 Enable On‑Access scanning from On‑access settings of the software. 

8 Try copying the eicar file downloaded to your Linux client's desktop to /tmp. 

You can see that the file is not copied to the target directory and missing from the desktop. The file 

gets quarantined and from the Host Summary section in the user interface, you can see one item as 

detected item. 

Testing On-demand scanning 

Use this task to verify on‑demand scanning on a standalone machine. 

Ensure On‑access scanning is disabled in McAfee VirusScan Enterprise for Linux On‑access settings by 

following steps mentioned in above section. 

Task 

1 From your browser, go to: http://eicar.org. 

2 Click ANTI‑MALWARE TESTFILE and follow the instructions mentioned in The Anti‑Malware Testfile 

section, to create the test file on the desktop. 

3 From the VirusScan Enterprise for Linux user interface, click Schedule Tasks. 

4 Create a new on‑demand scan task to scan the downloaded file immediately. 

5 Once the scan is complete, see the results of the scan. 

You can see that the eicar test virus is detected in the scan results. You can also view these results 

from Detected Items and System Events page. 


After deploying McAfee VirusScan Enterprise for Linux on managed nodes, you can verify the 

on‑demand scanning, details of managed nodes along with other tests in previous section. 

You can also enforce policies to verify the reports on ePolicy Orchestrator server or the managed 

nodes. 

Testing On-demand scanning 

Use this task to verify on‑demand scanning using ePolicy Orchestrator. 

To test on‑demand scanning, download an EICAR test file on the Linux client after disabling On‑access 

scan, then schedule an on‑demand scan to run immediately. Refer the McAfee VirusScan Enterprise for 

Linux — Configuration Guide for instructions on scheduling on‑demand scan tasks using ePolicy 

Orchestrator. 

Details of managed nodes 

You can verify the details of managed nodes in System Tree by clicking on it in ePolicy Orchestrator. 

Configuring policies 

For instructions on configuring and enforcing policies, refer the McAfee VirusScan Enterprise for Linux 

1.7 — Configuration Guide. To verify the On‑access and On‑demand scanning events, you can check in 

Reports for which you need to install report extensions of McAfee VirusScan Enterprise for Linux 1.7 on 

ePolicy Orchestrator. 


Default Queries 

This section provides details on the default queries. McAfee ePolicy Orchestrator has its own querying 

and reporting capabilities. When VirusScan Enterprise for Linux reports extension is installed into 

ePolicy Orchestrator, it provides a set of default queries. However, you can create a new query, edit, 

and manage all the queries related to McAfee VirusScan Enterprise for Linux. 

By default there are two VirusScan Enterprise for Linux queries. 

Table 4-1 VirusScan Enterprise for Linux — Default queries 

Query Description 

VSEL: VirusScan Enterprise for Linux 

Compliance 

VSEL: VirusScan Enterprise for Linux 

Threats 


Managed using ePolicy Orchestrator 4 

Shows a graphical display of the compliant and non‑compliant linux 

systems in the network. When you run this query, you should see 

the VirusScan Enterprise for Linux machine showing up in the 

report. 

Shows a graphical display of the threat summary and action taken 

on all linux systems in the network. 


4 




5 Product 

Configurations 

This chapter provides recommendations for configuring the On‑access, On‑demand scanning policies, 

anti‑virus exclusions, recovering quarantined items, about runtime kernel modules and third‑party 

software coexistence on McAfee VirusScan Enterprise for Linux 1.7 software. 

For more information on how to configure the product, please refer the McAfee VirusScan Enterprise 

for Linux 1.7 — Product Guide. 

Contents 

Scanning policies 

Scanning policies 

On-demand scanning 

Anti-virus exclusions 

Recovering quarantined items 

Run-time kernel modules 

Third-party software coexistence 

This section provides recommendations for on‑access and on‑demand scanning policies. 

On-access policy 

Here are the best practices for configuring on‑access policies. However, this can vary as per your 

requirements. 

The following configuration identifies and eliminates viruses and other malicious programs from being 

copied or written to your Linux Machines in real‑time. 

• Disable the Scan files on network mounted volumes option. Enable this option only if you cannot install 

McAfee anti‑virus solution on your network servers. 

• Enable the Quarantine option always as a secondary action for virus detections, so that you can 

retrieve the files from the quarantine folder later if required. See the Recovering quarantined items 

section on how to retrieve quarantined files. 

• Set the Action if scan error occurs option to Deny access in On‑access settings. 

• Disable Decompress archives to increase performance. 


5 

Product Configurations 


On-demand policy 

Here are the best practices for configuring on‑demand policies. However, this can vary as per your 

requirements. 

The following configuration identifies and eliminates viruses and other malicious programs on your 

Linux Machines when scheduled or on‑demand scanning runs on the client system. 

• Always enable the Decompress archives to scan inside the archives and compressed files. 

• Select the Quarantine option always as secondary action for virus and spyware detections, so that 

you can retrieve the files from the quarantine folder later if required. 


This section describes the best practices for scheduling on‑demand scans to improve performance. 

Scheduling scans 

• Schedule on‑demand scans during non‑peak hours such as weekends, during the maintenance 

period or when DAT/Engine updates are not running. 

• When scheduling an on‑demand scan for the first time, schedule a full on‑demand scan for local 

volumes. 

• Make sure to exclude network volumes, if you do not want to scan them explicitly. 

Update 

Ensure that at least 500 MB of memory is free before a DAT Update, as DAT needs significant amount 

of memory. 

Anti-virus exclusions 

This section provides recommendations for Anti‑virus exclusions. McAfee suggests these for better 

performance, however you can tweak these exclusions based on your requirements. 

This version supports, regular expression based exclusions for Anti‑malware. You can add regular 

expressions that match the required pattern to exclude multiple files and folders from being scanned. 

Some of the recommended exclusions are for: 

• Oracle database files 

• /opt/oracle/.*.dbf (if oracle is installed under /opt) 

• /opt/oracle/.*.ctl (if oracle is installed under /opt) 

• /opt/oracle/.*.log (if oracle is installed under /opt) 

• Evolution data files 

• Thunderbird data files 

• Encrypted files 

• /var/log for on‑access scan 

• /quarantine and /proc for on‑demand scan 

• JAR files for on‑access scan 


• Archive files for on‑access scan 

• DTX files for on‑access scan 

• WAR files 

• Exclusion of /media/nss//._NETWARE and /media/nss//._ADMIN in 

case of Open Enterprise Server 

The following are few examples of regular expressions you can use for different patterns. 

Table 5-1 Regular Expression Examples 

To exclude... Use... 

All files starting with abc available in /media/nss /media/nss/abc.* 

All files starting with "." under /media/nss /media/nss/..* 

All files with extensions ext and abc under /media/nss /media/nss/.*.(ext|abc) 

All users mailbox folders /home/.*/mailbox/.* 

All files and folders that begin with abc in the machine .*/abc.* 

Files with extension mdb .*.mdb 

Files with extension either mdb or odc .*.(mdb|odc) 

Files with extension jar or rar or war under /opt /opt/.*..+ar 

All files under /tmp starting with an alphabet and ending with a number /tmp/([A‑Z]|[a‑z]).*[0‑9]$ 

All users mailbox folders recursively /home/.*/mailbox/.* 

All files ending with abc, abcc, abcccc .*abc{1,} 

Using regular expressions from ePolicy Orchestrator 

• You should include "/" as the first character. For example, to exclude all files and folders starting 

with abc in the machine use the regular expression: /.*/abc.* 

• Ensure that there are no escape sequences included in the regular expression. For example: From 

ePolicy Orchestrator, to exclude all files starting with "." under /media/nss use the regular 

expression: /media/nss/..* 

Recovering quarantined items 

This section provides information on listing and recovering quarantined items. Remember that you 

need to have root privileges to run these commands. McAfee suggests recovering quarantined items 

only after consulting McAfee Labs. 

To list the quarantined items on a Linux machine 

1 From the terminal, login as root. 

2 Run the following command: 

/opt/NAI/LinuxShield/bin/nails quarantine ‑‑list 

This will list all the quarantined items on your machine. For example, if a file named file1 under /tmp 

directory is quarantined, by running above command you will see the output as: 

/quarantine/QXXX.XXXXXX.XXXXX.XXX.meta: /tmp/file1 where X is a random number. 


Recovering quarantined items 5 


5 



To recover a particular quarantined item 

1 From the terminal, login as root. 

2 Run the following command: 

/opt/NAI/LinuxShield/bin/nails quarantine ‑recover 

For example, if you want to recover file1 which is listed as quarantined item , you need to run the 

command as: /opt/NAI/LinuxShield/bin/nails quarantine ‑recover 

/quarantine/QXXX.XXXXXX.XXXXX.XXX.meta /tmp/file1 

This will restore file1 into/tmp directory. 


Automatic support for new kernels released from the distribution vendors without any downtime in 

On‑access scanning. McAfee VirusScan Enterprise for Linux Kernel modules will be created dynamically 

in case of a mod‑version failure. 

• You must have developer utilities such as make or gcc installed on your machine along with kernel 

headers package of the current kernel. If mod‑versioning fails during nails service start, the kernel 

modules gets compiled dynamically and on‑access scanner gets enabled. 

• If developer utilities are not installed in your production server, you can compile the kernel modules 

on a staging server and run the export command to archive the kernel modules. Import the kernel 

modules on to your production server by running the import command. For more information, 

please refer the McAfee VirusScan Enterprise for Linux 1.7 — Product Guide. 

• · Ensure that the kernel sources/headers and developer tools are installed on the computer. If the 

kernel sources/headers are installed in a non‑default location, set the KERNEL_HEADER_LOCATION 

environment variable before compilation. 

• You can check if the compiled or imported kernel modules are working properly by executing the 

command: /opt/NAI/LinuxShield/bin/khm_setup ‑t 

To view the logs, go to: /opt/NAI/LinuxShield/src/log 

Third-party software coexistence 

• VirusScan Enterprise for Linux does not support coexistence with backup software such as 

ArcServe, Cava Agent, bacula backup software and so on. Hence McAfee recommends you to 

exclude directories or files associated with it. 

• There are few compatibility issues between McAfee VirusScan Enterprise for Linux and McAfee 

Solidcore. Please refer the following KnowledgeBase articles for the resolution of these issues. 

• https://kc.mcafee.com/corporate/index?page=content&id=KB70194 

• https://kc.mcafee.com/corporate/index?page=content&id=KB70857 

You can also log on to https://kc.mcafee.com and search using the KB article number. 


6 Tips 

and Tricks 

This chapter provides you more information on the tips and tricks which can be helpful when you use 

the McAfee VirusScan Enterprise for Linux software. 

• You can deploy the McAfee VirusScan Enterprise for Linux from ePolicy Orchestrator (ePO) with 

customized settings. For this you need to copy the nails.options file to /root and / directory on 

your Linux client system. For more details, refer the McAfee VirusScan Enterprise for Linux 1.7 — 

Installation Guide. 

• VirusScan Enterprise for Linux provides advanced logging option, which is recommended to be 

enabled while troubleshooting specific issues. These settings however can only be enabled from the 

endpoint's user interface. The settings are Detail logging level, Additional log to syslog, Detail syslog level, Limit 

age of log entries, Maximum age of log entries which can be tweaked from product's user interface. 

• In a managed mode (ePO), the status of scheduled tasks is not reported back to ePO. In such 

cases setting up SMTP email notifications can monitor this. Users will get the email notification if the 

DAT is out‑of‑date, malware detected on the system, and notification based on error codes 

including system events on the user's email id. 

• By default, VirusScan Enterprise for Linux uses the system PAM (Pluggable Authentication Modules) 

configuration in the Web Manager for authentication. In some instances, the system PAM settings 

might use external authentication modules that are not compatible with VirusScan Enterprise for 

Linux. Refer the following KnowledgeBase article to know how to configure PAM, so that VirusScan 

Enterprise for Linux can authenticate in the Web Manager: https://kc.mcafee.com/corporate/index? 

page=content&id=KB70568 


6 

Tips and Tricks 


7 KnowledgeBase 

articles 

This chapter specifies the various KnowledgeBase articles related to the McAfee VirusScan Enterprise 

for Linux software. Before you run into any issues with the software, verify if the issue is already 

available in the McAfee KnowledgeBase homepage. 

Accessing McAfee KnowledgeBase 

1 From your web‑browser, go to: https://kc.mcafee.com. 

2 Under Ask a Question, specify the KB article number or the topic title. 

Table 7-1 McAfee VirusScan Enterprise for Linux — KB articles 

KB article# Title 

KB73036 VirusScan Enterprise for Linux 1.7 DAT update fails on 64‑bit Ubuntu installations 

KB73043 VSEL 1.7 causes a kernel panic when Ubuntu runs as an NFS Client and Server at the 

same time 

KB73087 VirusScan Enterprise for Linux 1.7 authentication fails after an OS upgrade 

KB73205 Unable to reboot server in a Corosync cluster environment with Virus Scan for Linux 

running 

KB73322 VirusScan for Linux 1.7 installation fails when installing via the Dash Shell in Ubuntu 

KB70568 How to configure PAM for Virus Scan Enterprise for Linux manager authentication 

KB70857 Can VirusScan Enterprise for Linux co‑exist with Solid core products? 

KB72999 How to determine if a Linux Server is supported by VSEL 1.7 


7 

KnowledgeBase articles

VirusScan for Linux 1.7 Best Practices Guide - Errors - McAfee

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?