This month's PCQ Essential CD is a live CD carrying a multipurpose anti-malice software called BitDefender. The 'anti malice' label was coined by our team, as the software could not be fitted under a single category: it includes an anti virus, anti spam and personal firewall that can be installed on your Windows machine. If you instead boot your machine off the CD, you will find a live Linux distro, based on Knoppix, which is customized for tasks such as running a live anti virus to scan and back up your crashed machines. You can even use it as an SMTP proxy with anti virus and anti spam functionality. So it is an anti virus, anti spam, recovery tool and personal firewall all rolled into a single CD.
In this article, we will see how you can configure and use the different components of the package.
Anti virus and firewall for Windows
This part of the software is installable on any Windows machine as a normal anti virus and personal firewall. Specifically, this module is known as BitDefender 8 Professional. Installing the product is very simple: just run the installer in the BitDefender8 directory and follow the steps. A standard anti virus will be installed, one that has all the necessary features, such as automated updates, built-in personal anti spam and a personal firewall. We tested the anti virus with some of the latest and most common viruses, and found that it was able to detect all of them. It is also capable of scanning network drives and SMTP mails for viruses. After installation, it also added some new buttons in Outlook Express as part of the built-in anti
In the image you can see that you can directly add or remove any mail to your own spam black list, or even add an e-mail address as a spammer, so that its mails automatically get filtered next time. The personal firewall that comes with this product not only blocks any intrusion attempt coming from another machine, but is also capable of finding the trojans and bloatware installed on your PC. It can block or delete them as well.
Anti virus in a live CD
You can use the same CD to boot a machine and scan its disks. As the CD itself contains an OS (Knoppix, a live Linux distro) called LinuxDefender Live, you can still boot your machine from it even if your MBR (Master Boot Record), or any file needed to boot the installed OS, has been corrupted by a virus and your OS has crashed. This gives the additional benefit of recovering and transferring any file from a crashed machine to another over the network, as this distro has a Samba client built into it.
By default the CD doesn't boot with NTFS write support, but if you want to scan an NTFS drive then you can install the proprietary NTFS driver called Captive Microsoft NTFS driver, which is available as a binary on the same CD. It is also capable of scanning samba
You can install it after you have booted from the CD. The icon is placed on the desktop and is called 'Install NTFS write driver'. When you run it, it will first search for Microsoft's license certificate, which should be on your NTFS drive (it gets created when you install an authentic MS OS). Only after this will it get installed.
To know how to use the anti virus see the second point in the box items.
Spam and virus filter for SMTP
The last component of the package is an SMTP proxy server, which has built-in functionality for filtering viruses and spam from its incoming mail traffic. It can be configured easily through a webmin module that runs over secured HTTP at https://127.0.0.1:10000/bitdefender. A prerequisite for using this Web-based configuration tool is to assign a password to the Knoppix user, as webmin doesn't allow any user to log in with a 'nil' password, which is the default in the case of the Knoppix user. You can do it by running the following command.
Then provide an appropriate password, twice, when asked.
After the password is set, log on to the webmin module and you will find an easy-to-use interface. The required settings are in the 'SMTP Proxy' tab. Select the tab and you will find four sub-tabs. Select the first one, 'SMTP Server', enter the IP address/FQDN and port of your actual SMTP server, and click on the 'Apply' button. Now click on the 'Email Domain' sub-tab and enter the names of the domains that you want to relay, for example 'cybermedia.co.in' or 'yourcompany.com'. Finally, select the last sub-tab, called 'network domain', and enter the broadcast address of the network on which you want to set relaying, such as 192.168.3.0/255.255.255.0. Your basic configuration is now done.
You can adjust many other settings, such as the behaviour of the application when a virus or spam is detected. For example, you can send virus alerts to the sender, and you can even create a customized e-mail template to be sent to them. You can select from different mechanisms to detect spam, such as black list, Bayesian filter and anti-spam heuristic. To configure it on the client side, replace your SMTP server's address with the IP address of the LinuxDefender machine. One disadvantage of this application is that if the machine gets rebooted, your entire configuration is gone and you have to recreate it manually.
Bugs and workarounds
Automatic mount of drive doesn't work
A bug that we noticed while using the product was that the desktop icons for the hard drives do not automatically mount the corresponding devices. To use them, you have to manually su to root and mount them with the following command in a terminal window:
# mount /dev/hdxy /mnt/hdxy
Here, replace xy with the appropriate drive name. You can check the exact drive name by running the 'fdisk -l' command as root (after running the su command).
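The manual mounting step above, as an added example that is not part of the original article: a shell function that reads 'fdisk -l' output and prints one mount command per data partition, mounting NTFS read-only because the CD boots without NTFS write support. The partition table is a constructed sample, and the function names plan_mounts and sample_fdisk are hypothetical.

```shell
#!/bin/sh
# Added example: turn `fdisk -l` output into the mount commands to run as root.
# plan_mounts and sample_fdisk are hypothetical names used for illustration.

# Constructed sample of `fdisk -l` output for one IDE disk (not from a real machine).
sample_fdisk() {
cat <<'EOF'
Disk /dev/hda: 40.0 GB, 40007761920 bytes
255 heads, 63 sectors/track, 4864 cylinders

   Device Boot      Start         End      Blocks   Id  System
/dev/hda1   *           1        2550    20482843+   7  HPFS/NTFS
/dev/hda2            2551        4864    18587205    f  W95 Ext'd (LBA)
/dev/hda5            2551        4700    17269843+   b  W95 FAT32
/dev/hda6            4701        4864     1317298+  82  Linux swap
EOF
}

# Read `fdisk -l` output on stdin; print one mount command per data partition.
plan_mounts() {
    awk '
    /^\/dev\// {
        dev = $1
        # A "*" in column 2 marks the boot partition and shifts the Id column.
        id = ($2 == "*") ? $6 : $5
        # Extended containers (5, f, 85) and Linux swap (82) hold no files to scan.
        if (id == "5" || id == "f" || id == "85" || id == "82") next
        name = dev
        sub(/^\/dev\//, "", name)
        # Id 7 is HPFS/NTFS: mount read-only, as the CD boots without NTFS write support.
        opts = (id == "7") ? "-o ro " : ""
        printf "mount %s%s /mnt/%s\n", opts, dev, name
    }'
}

# Show the plan for the constructed sample; on a real system: fdisk -l | plan_mounts
sample_fdisk | plan_mounts
```

Review the printed commands before running them as root.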
Icon doesn't work
If you run the 'Bitdefender virus scan' icon from the desktop, select any mounted hard drive to scan and click on the Scan button, the scan won't start. The reason is that, by default, you log in as the Knoppix user, who is a simple user without write permissions on the mounted drives, so you have to become root before running it. To do this, open a terminal window and run the application manually after becoming root, using the following commands
This will open up the same interface but this time it will properly scan the drives.