ESET North America Server NOD32 사용자 설명서
Chapter 6. NOD32 system update and
maintenance
maintenance
In order to keep NOD32LMS system effective, it is necessary to keep NOD32 virus definitions
database up to date. In the following sections a concept of the NOD32 database update process is
described with more in depth details which is in most cases not necessary to read. Therefore one
may wish to skip directly to section 6.3 that can serve in this sense as a short ’how-to’ document
related to this topic.
database up to date. In the following sections a concept of the NOD32 database update process is
described with more in depth details which is in most cases not necessary to read. Therefore one
may wish to skip directly to section 6.3 that can serve in this sense as a short ’how-to’ document
related to this topic.
6.1. Basic concept of NOD32 system update.
Basic concept of the NOD32 system update is to download so called NOD32 modules from
the NOD32 server and compile them in order to provide so called loading modules used by
the NOD32 anti-virus scanner. First part of the process is provided by NOD32 Update Mirror
Creator (nod32umc) system utility while compilation of the modules is done by NOD32 Update
(nod32upd) system utility. Both the utilities are part of the NOD32LMS system.
the NOD32 server and compile them in order to provide so called loading modules used by
the NOD32 anti-virus scanner. First part of the process is provided by NOD32 Update Mirror
Creator (nod32umc) system utility while compilation of the modules is done by NOD32 Update
(nod32upd) system utility. Both the utilities are part of the NOD32LMS system.
6.1.1. NOD32 modules organization
The NOD32 modules introduced above are located by default within
/var/lib/nod32/mirror
directory (so called local mirror directory or default local mirror directory). These modules are
divided into two categories, e.g. engine category and component category (modules of compo-
nent category are currently only for use on the Windows operating systems).
Currently there are 4 types of engine category modules supported:
divided into two categories, e.g. engine category and component category (modules of compo-
nent category are currently only for use on the Windows operating systems).
Currently there are 4 types of engine category modules supported:
•
base scanning modules (prefix engine) containing virus signatures database,
•
archives support modules (prefix archs) supporting various file system archive formats,
•
advanced heuristics modules (prefix advheur) containing implementation of so called ad-
vanced heuristics method of virus and worm detection,
vanced heuristics method of virus and worm detection,
•
packed worm scanner modules (prefix pwscan).
These modules are always necessary for proper running of any NOD32 anti-virus scanner based
application and therefore are all downloaded by default at each download process.
On the other hand the component category modules are platform dependent and language lo-
calization dependent and thus the selection of them has to be specified by the user according to
his needs. Download of component category modules is therefore optional.
Besides the NOD32 modules, the default mirror directory contains so called modules version
control file (update.ver). This file contains relevant information concerning all modules stored
application and therefore are all downloaded by default at each download process.
On the other hand the component category modules are platform dependent and language lo-
calization dependent and thus the selection of them has to be specified by the user according to
his needs. Download of component category modules is therefore optional.
Besides the NOD32 modules, the default mirror directory contains so called modules version
control file (update.ver). This file contains relevant information concerning all modules stored
33