SpIDer Guard for SMB

SpIDer Guard for SMB is a monitor of shared file system directories used by SMB file server Samba. This component is designed to monitor actions applied to files in Samba shared directories. It operates as a resident monitor and controls basic actions in the protected file system (creation, opening, closing, and read or write operations). Once the component intercepts such operation, it checks whether the file was modified and if so, a task to scan the file is created and sent to the Dr.Web File Checker file scanner. If the file requires scanning, Dr.Web File Checker initiates the scanning by the Dr.Web Scanning Engine scan engine. If the file contains a threat, it is blocked for access for a period specified in settings until the threat is neutralized. Also the component settings can indicate file blocking in case of a scanning error (including cases when there is no valid license).

To avoid conflicts between SpIDer Guard and SpIDer Guard for SMB, which can occur in the process of scanning the files located in the shared directories of Samba, it is recommended that you additionally configure SpIDer Guard by performing one of the following actions:

•Add Samba shared directories to the exclusion scope (specify these directories in the ExcludedPath parameter).

•Add the Samba process (smbd) to the list of ignored processes (specify smbd in the ExcludedProc parameter).

The SpIDer Guard for SMB monitor uses a special VFS SMB module for the integration with the Samba server. With SpIDer Guard for SMB, several versions of this module are supplied. They are built for various versions of Samba. However, the supplied versions of the VFS SMB module may be incompatible with the version of Samba installed on your file server. It may occur, for example, if your Samba server uses the CLUSTER_SUPPORT option.

If VFS SMB modules are incompatible with the Samba server, build the VFS SMB module for your Samba server from the supplied source codes manually (including the compatibility with the CLUSTER_SUPPORT option if necessary). The procedure of building the VFS SMB module from the supplied source code files is described in the Building the VFS SMB Module section.