Back=right mouse click.
If IWSVA detects an outbound threat that the Damage Cleanup Services server cannot clean, you can have IWSVA block access to that site and redirect the affected client to a manual clean up page. If the client chooses not to perform the cleanup, you can have IWSVA periodically re-direct the client to the site until a clean up is performed. The default interval is four hours.
IWSVA detects spurious outbound HTTP traffic from a laptop recently joined to the LAN. IWSVA sends the client's IP address to the DCS (Damage Cleanup Service) server, but the DCS cannot contact or repair the client. For example, the client has unhooked from the network or shut down.
The DCS server notifies IWSVA that it did not perform a cleanup as expected. IWSVA will then redirect the next outbound HTTP request from the affected client to an ActiveX, manual clean up site.
If the manual clean up is not performed (e.g., the user chooses not to perform the clean up, ActiveX is not supported by the browser, or ActiveX is disabled in the browser), then IWSVA will release the client to browse the Internet as usual.
You can set the interval after which IWSVA will again re-direct the to the manual cleanup page.
Open for editing the following file:
/etc/iscan/intscan.ini
Locate the parameter "infected_url_block_length=". The default block time is four hours.
Modify the value to the right of the = sign, and then save your changes.
Example DCS Message
