Zoner AntiVirus - Smarter Security

englishenglish   deutschdeutsch   českyčesky

Zoner Antivirus – The Latest Technology

The program core has a modern design, contains a state-of-the-art code emulator, and boasts a unique heuristic analyzer, designed precisely to meet the threats of today.

NAME

zavicap.conf - Zoner AntiVirus configuration file for ZAV ICAP module

DESCRIPTION

Zavicap.conf is the ICAP module configuration file for Zoner AntiVirus daemon (ZAVd). Be sure to read zavd.conf(5) for configuration file format, syntax and semantics. Reading the documentation for your proxy server and ICAP protocol is recommended.

ICAP SERVER SETUP

This section configures module communication with the proxy server.
ZAVICAP_PORT = [int]
Port to listen on for incoming connections from the proxyserver.
ZAVICAP_MAX_SIZE = [size]
Maximal allowed size for tested file (larger ones wll be marked clean).
ZAVICAP_PARTIAL = [bool]
Use partial downloading. First, a buffer is filled and sent to the client. Only after receiving the last part, the file is scanned and depending on the result, the last part is also sent or is dropped, which should cause the client to report an error.
ZAVICAP_PARTIAL_BUFFER = [size]
The size of a buffer used for partial downloading.
ZAVLMTP_FILE_TIMEOUT = [time]
The timeout for a single file, including the scanning time and the time spent waiting for a scanner to become available.

ACTIONS SETUP

This section specifies what to do with analyzed file when a specific scan result is obtained. See zavcli(1) for the result types.
Possible actions:
ALLOW - send the file/page to the client
DENY - block the requested page/file and send a notification page instead
ZAVICAP_SCANERROR = [enum]
ZAVICAP_CLEAN = [enum]
ZAVICAP_INFECTED = [enum]
ZAVICAP_PROBINFECTED = [enum]
ZAVICAP_SUSPICIOUS = [enum]
ZAVICAP_NONSTANDARD = [enum]
ZAVICAP_UNKNOWN = [enum]
ZAVICAP_TIMEOUT = [enum]

LOGGING SETUP

This section configures what to log on ZAV ICAP side (ZAVd can log the scan results per file, but knows nothing about web pages).
ZAVICAP_LOG_DENY = [bool]
Print a log message if the file has been blocked.
ZAVICAP_LOG_ALLOW = [bool]
Print a log message if the file has been passed to the client.
ZAVICAP_LOG_INFO = [bool]
Log other informative messages.

SCANNING SETUP

This sections configures the scanning engine parameters that will override ZAVd's default settings. See zavd.conf(5) in SCANNING SETUP for description.
ZAVICAP_SCAN_LEVEL = [enum]
ZAVICAP_SCAN_FULL = [bool]
ZAVICAP_SCAN_HEURISTICS = [bool]
ZAVICAP_SCAN_EMULATION = [bool]
ZAVICAP_SCAN_ARCHIVES = [bool]
ZAVICAP_SCAN_PACKERS = [bool]
ZAVICAP_SCAN_GDL = [bool]
ZAVICAP_SCAN_PHISHING = [bool]
ZAVICAP_SCAN_DEEP = [bool]
ZAVICAP_SCAN_MAX_SIZE = [size]
ZAVICAP_SCAN_MAX_FILES = [int]
ZAVICAP_SCAN_RECURSION = [int]
ZAVICAP_SCAN_TIMEOUT = [time]

AUTHOR

Written by Jaromir Smrcek.

BUGS

Report bugs to Jaromir Smrcek <jaromir.smrcek@zoner.com>. Start your 'Subject:' by 'ZAV' and please include the output of 'zavcli -V'.

SEE ALSO

zavd(8), zavd.conf(5), zavcli(1)
Zoner Antivirus Online Scanner

Detection History

Virus Detection History - Last 24 Hours
Infected FilesSuspect Files

Current Virus Activity

I-Worm.SomeFool.P94.1%
TrojanDropper.Delf.AEJ5.9%
0.0%
0.0%
0.0%

Current Version

ZAV Core:
20100301-418
ZAV Database:
20100902-360050
Zoner Antivirus

Zoner Sandbox

If you suspect that a file might be infected and you thus want to determine what a given program is doing, you can send a file for us to analyze. We will evaluate the given program's behavior and send you back detailed results.