View Source

Background

Virus scanners normally have 3 scan methods: The memory scan, the on access scan of files when they are accessed or created on the disk and the periodical file scanning on a scheduled base - e.g. each week. On top some virus scanners act like a personal firewall and block certain suspicious TCP/IP ports like SMTP (25) or high ports (e.g. the range between 10 000 and 65535).

With the on access scan of files several issues may come up:

On the server side:

The server may not get installed properly
The server may not start
The server may not store examinations
The server may not be reachable from the custo diagnostic client side

On the client side:

The client may not start
The client may run with strange error messages
The client may not store the examinations on the server - even without telling that to the users.

Virus scanner exceptions

Plan the installation together with the IT admins of the customer and make them aware beforehand that there might be a need to disable the virus scanner temporarily and that virus scanner exceptions are required.

On the server side:

With netstat -ano you may identify which IP ports are in use before the installation. If the default ports (TCP 8080, 8443, 8005 and 3006) are not in use stay with the defaults. Defaults are your your friends! In case a port may be in use already use the next free one.
In case of problems with the setup try the installation with a temporarily stopped virus scanner
Get on access scan exceptions for the installation directory (By default: c:\program files\custo diagnostic server) and the data directory (by default c:\diagserverdata) of the server and on top the system temp directory.

A periodical (e.g. weekly) scan may also include the above mentioned directories.

On the client side:

Get on access scan definitions defined for the installation directory of the custo diagnostic client (by default: c:\program files(x86)\custo diagnostic client) and the custo med sub directories of all windows user temp directories using the custo diagnostic client (e.g. C:\Users\[windows user name]\AppData\Local\Temp\custo med).

Security concerns of the IT admins

Some may state that the definition of the exceptions may be a risk.

Please in that case stress that IT security must be seen in the full context: Integrity, confidentiality and availability. With that perspective a non available system may not be helpful. On top especially missing examinations are the bigger risk than malicious code which the virus scanner should already detect by the memory can.