Scanning a Linux Endpoint for Security Risks
This task assumes that your Linux environment supports the auto-mounting of USB drives. If your Linux environment does not support auto-mounting, refer to your Linux documentation to learn how to manually mount a USB device.
Before you can use a Scanning Tool on a Linux endpoint, you must activate the Scanning Tool device on a Windows endpoint, in either standalone mode or through the Management Program.
For more information, see Activation.
-
Plug the Scanning Tool device into the target Linux endpoint on which you have
"root" or "sudo" privilege.
The endpoint auto-mounts the device and the TMPS3 DAT and TMPS3 SYS drives appear on the screen.
- Open the TMPS3 SYS drive.
-
Right-click anywhere within the folder (but not on a file or folder icon) and
click Open in Terminal.
The terminal opens pointing to the TMPS3 SYS directory.
-
Scan the endpoint through use of the following command structure:
sudo sh ./LauncherLinux.sh -c scan [<scan options>] <scan targets>
To scan the entire endpoint using the Management Program settings, type the following:
sudo sh ./LauncherLinux.sh -c scan /
To scan all files in the /tmp folder and perform the "recommended" action, type the following:
sudo sh ./LauncherLinux.sh -c scan -a recommended /tmp
For more information about the available options, see Linux Command Line Reference.
The Scanning Tool begins scanning the endpoint.
- Allow some time to allow the scan to complete or press CTRL-C to cancel an on-going scan.
-
If the configured scan action is Confirm, Portable Security prompts you
for an action after detecting a threat.
-
f: Portable Security attempts to clean or quarantine the detected threat
-
i: Portable Security takes no action on the detected threat
-
F: Portable Security attempts to clean or quarantine all detected threats
-
I: Portable Security takes no action on any detected threat
-
- Portable Security displays the scan results and action results, and saves the scan logs to the Scanning Tool device.
