Manualshelf

Installation manual

ManualsBrandsESET ManualsPrint & ScanGATEWAY SECURITY - FOR LINUX BSD AND SOLARIS
21222324252627282930
25
[http]
agent_enabled=yes
listen_addr=”192.168.1.10”
listen_port=8080
action_av=”scan”
To provide individual parameter settings, dene the ‘user_cong’ parameter with the path to
the special conguration le where the individual setting will be stored. In the next example, we
create a reference to the special conguration le ‘esets_http_spec.cfg, which is located in the
ESETS conguration directory. See below:
[http]
agent_enabled=yes
listen_addr=”192.168.1.10”
listen_port=8080
action_av=”scan”
user_cong=”esets_http_spec.cfg”
Once the special conguration le is referenced from within the [http] section, create the
esets_http_spec.cfg le in the ESETS conguration directory and add the appropriate individual
settings. The next example shows the individual setting for parameter ‘action_av, for the client
computer with IP address 192.168.1.40. See below:
[|192.168.1.40]
action_av=”reject”
Note that the section header identies the HTTP client for which the individual settings have
been created, and the section body contains individual parameters for that HTTP client. With
this special conguration, HTTP trac for all local network clients will be processed normally, i.e.
scanned for inltrations. However, access for the HTTP client with the IP address 192.168.1.40 will
be rejected (blocked).
6.3. Blacklist and whitelist
In the following example we demonstrate blacklist and whitelist creation for the esets_http
congured as an HTTP proxy scanner. Note that the conguration described in the previous
section is used for this purpose.
To create a blacklist used by esets_http, create the following group section within the special
conguration le esets_http_spec.cfg, introduced in the previous section. See below:
[black-list]
action_av=”reject”
Next, add the HTTP server to the ‘black-list’ group. To do this, the following special section
must be created:
[aaa.bbb.ccc.ddd]
parent_id=”black-list”
In the example above, ‘aaa.bbb.ccc.ddd’ is the IP address of the server added to the ‘black-
list’. All HTTP trac related to the specied server will now be rejected, i.e. the server will be
blocked.
chapter 6 Important ESET Gateway Security mechanisms