Hello, I downloaded the trial version 5.5.14 of Kaspersky for Samba, but ran into a problem
The on-access real-time protection isn't working.
Kaspersky is able to block the read-access of infected, but is unable to prevent a file from being infected on the share in the first place.
Example:
1. I place a EICAR virus signature file into the share (or modify an existing dummy file with the EICAR signature)
2. Kaspersky does not block the write (I don't want this)
3. I attempt to copy out or open back the same file.
4. Kaspersky blocks.

[samba.shares]
CheckOnOpen=Yes
CheckOnClose= Yes

What I really want is to prevent the shares from being infected by irresponsible users in the first place. Is there anything I should do to configure samba or VFS properly? Or is it a missing feature?


Below is my setup
I help to admin a test lab environment with the following

1 Centos 4.8 Multi-purpose Server (inclusive of File server)
3000 test PCs pulling and pushing files (through samba and http)

The test PCs are at various times inside MS-DOS, XP/Vista, Linux, RTOS, environments
Password protection for the samba share is impossible (because we need to use cilent for MS-DOS), so this is a very big hole for certain Win32 virus (example Win32.Almanahe.c)
We have wasted a lot of valuable productivity due to 2 previous incidents of irresposible users plugging infected systems into the network, which was the Win32.Almanahe.c, and proceeded to overwrite executables on the unprotected network share. Background scan is not an option because the other test PCs may be scripted to pull and run the executables for tests at anytime.