On-access scanner powered by Dazuko

The technique used by ESETS On-access scanner can be also powered by the Dazuko (da-tzu-ko) kernel module and is based on the interception of kernel calls. The Dazuko project is open source, which means that its source code is freely distributed. This allows users to compile the kernel module for their own custom kernels. Note that the Dazuko kernel module is not a part of any ESETS product and must be compiled and installed into the kernel prior to using the On-access command esets_dac. The Dazuko technique makes On-access scanning independent from the file system type used. It is also suitable for scanning of file system objects via Network File System (NFS), Nettalk and Samba.

Important: Before we provide detailed information related to On-access scanner configuration and use, it should be noted that the scanner has been primarily developed and tested to protect externally mounted file systems. If there are multiple file systems that are not externally mounted, you will need to exclude them from file access control in order to prevent system hang ups. An example of a typical directory to exclude is the ‘/dev’ directory and any directories used by ESETS.