Configure the detection of threats based on the longest string within files. This is an EXPERIMENTAL feature and should be used with caution.
sentinel --task=antimalware:statisticalanalysis
Option | Value | Default | Description |
---|---|---|---|
--string_length_scan | <1\|0> | 0 | This is an EXPERIMENTAL feature and should be used with caution. Enable the identification of threats based on the length of the longest uninterrupted string within a file. This is useful because obfuscated code is often stored using encoding methods that produce very long strings without spaces (e.g. base64). |
--string_length | <string> | 150000 | The length of the longest uninterrupted string within a file. |
--default | <yes> | | Reset all settings to their default values. |
--default_option | <option> | | Reset a specific setting to its default value. |
--restart | <yes> | | Restart the service after saving settings. |
// enable the string_length_scan
sentinel --task=antimalware:statisticalanalysis --string_length_scan=1 --restart=yes
// reset string_length_scan back to its default value
sentinel --task=antimalware:statisticalanalysis --default_option=string_length_scan --restart=yes
// reset all settings to their default values
sentinel --task=antimalware:statisticalanalysis --default=yes
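
To see which files a given `--string_length` value would affect before enabling `--string_length_scan`, the following added example (not part of the product or its documentation) lists files whose longest whitespace-free byte run reaches the default of 150000. It assumes that ASCII whitespace is what interrupts a string and that reaching the threshold counts as a match; the function names `longest_run` and `survey` are hypothetical.

```python
import os
import re
import sys

DEFAULT_THRESHOLD = 150000  # default --string_length from the option table


def longest_run(stream, chunk_size=1 << 16):
    """Longest run of non-whitespace bytes in a binary stream.

    Assumption: ASCII whitespace is what "interrupts" a string. Reads in
    chunks so a run that crosses a chunk boundary is still counted whole.
    """
    best = current = 0
    while chunk := stream.read(chunk_size):
        pieces = re.split(rb"\s+", chunk)
        current += len(pieces[0])          # continues the run from the last chunk
        if len(pieces) > 1:                # whitespace seen: that run has ended
            best = max(best, current, max(map(len, pieces[1:-1]), default=0))
            current = len(pieces[-1])      # may continue into the next chunk
    return max(best, current)


def survey(root, threshold=DEFAULT_THRESHOLD):
    """(path, longest_run) for regular files under root that reach threshold.

    Assumption: a file matches when its longest run is >= threshold.
    """
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            if not os.path.isfile(path):   # skip FIFOs, sockets, broken links
                continue
            try:
                with open(path, "rb") as fh:
                    length = longest_run(fh)
            except OSError:
                continue                   # unreadable: nothing to report
            if length >= threshold:
                hits.append((path, length))
    return sorted(hits, key=lambda hit: hit[1], reverse=True)


if __name__ == "__main__":
    for path, length in survey(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{length:>10}  {path}")
```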