Should i exclude MySQL and IIS?

Discussion in 'ESET NOD32 Antivirus' started by sebastown, Feb 24, 2009.

Thread Status:
Not open for further replies.
  1. sebastown

    sebastown Registered Member

    Joined:
    Feb 24, 2009
    Posts:
    6
    greetings from Colombia, South America

    from this:
    http://kb.eset.com/esetkb/index?page=content&id=SOLN727

    "database and backup software should be excluded from the real-time and On-demand scanners. When entering the directory paths, make sure that *.* is added to the end of each entry."

    as far as i know, MySQL and IIS (we got these in a Windows 2003 Server R2 SP2 serving 100 workstations) should be excluded.... ¿right?

    if so, how can i do that? (i mean, i know because of this tutorial: http://kb.eset.com/esetkb/index?page=content&id=SOLN560 but i wanna know exactly wich directories to exclude)

    maybe somebody has any experiencie with this?

    thanks a lot
     
  2. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    The IIS directories you shouldn't need to exclude. As for MySQL, that really depends on where you placed the databases when you created them. You need to exclude the database and log files and the exact location and name of those could vary wildly depending on your environment.
     
  3. sebastown

    sebastown Registered Member

    Joined:
    Feb 24, 2009
    Posts:
    6
    IIS: I just tough that i had to because in the recommended settings for a Server they got an example of Exchange and say that %SystemRoot%System32Inetsrv*.* should be excluded.

    MySQL: i got it right in C:\Program Files\MySQL Should i exclude all that directory and subdirectories?

    thanks so much for answer
     
  4. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Set up exclusions for *.myd, *.myi, and *.log in the directory containing those files. I would advise against excluding the entire directory since an exploit that uses MySQL as a vector could easily use that directory to save and launch arbitrary executables and a global exclusion there would create a safe-haven for viruses to operate out of to compromise the system.
     
  5. sebastown

    sebastown Registered Member

    Joined:
    Feb 24, 2009
    Posts:
    6
    thank you very much, Smacky.
     
Thread Status:
Not open for further replies.