Network and Storage Protocols

Cifs Share, virus and Symantec Protection Engine

ELESSARIN
3,595 Views

Hello,

I have a  FAS2040 with cifs share.

On this share I have a virus that hide folder and replace them by .exe. I suspect one of my user who is infecting file. I need to find at least his IP address.

First I have enabled audit but it was not enough detailled.

Then to correct this issue, I have installed Symantec Protection Engine 7 and configured with my NetApp

Symantec is working well, I can see in NetApp with vscan command that Symantec is doing the job. But I have no entry at all for my hidding virus.

Do you know if there is an option in NetAPP to monitor folder attribute with vscan ? I have make a lot of search but I'm unlucky.

Thank you.

1 ACCEPTED SOLUTION

ELESSARIN
3,595 Views

After opening a ticket on NetApp support, it is not possible to monitor folder with NetApp ....

Solution for me was to find an antivirus on client computer that detect this virus. Then update all my client and finally unhide manually folder on cifs.

View solution in original post

2 REPLIES 2

ELESSARIN
3,595 Views

I have found this option in NetApp doc :

vscan extensions include add txt

Maybe folder file are not in vscan extension, do you know what is folder extension to be sure ?

Thanks

ELESSARIN
3,596 Views

After opening a ticket on NetApp support, it is not possible to monitor folder with NetApp ....

Solution for me was to find an antivirus on client computer that detect this virus. Then update all my client and finally unhide manually folder on cifs.

Public