[Mimedefang] Re: McAfee auto-update script problem

Ole Holm Nielsen Ole.H.Nielsen at fysik.dtu.dk
Tue Jun 17 04:01:01 EDT 2003


Thanks for the answers.  Several people pointed to passive-FTP
as being the cause of the problem (we're behind a kind of firewall),
and this is (partly) the answer to my question #1.

I'm appalled that Lynx, and Wget as well, use active-FTP by default
and must be configured explicitly to use passive-FTP.  Opening
your network to active-FTP transfers makes you wide open to
all sorts of attacks.  I thought that all modern FTP-clients would
use passive-FTP by default, but Lynx and Wget seem to be exceptions :-(

Unfortunately, Lynx doesn't seem to work at all with passive-FTP even
when I define FTP_PASSIVE:TRUE in /etc/lynx.cfg as suggested, and
it still hangs as before.  A working solution is the one offered
by Stephane Lentz <Stephane.Lentz at ansf.alcatel.fr>, replacing Lynx
by ncftpls in the script:
VERSION_CURRENT=`ncftpls ftp://ftp.nai.com/pub/antivirus/datfiles/4.x/ | grep 
tar | cut -d - -f 2 | cut -d . -f 1`
For wget you simply add the flag --passive-ftp.

Obviously, a more robust uvscan update script is needed which could
also get extra.dat files etc.  I'll look at Stephane's links,
but perhaps someone could recommend the Ultimate McAfee Update Script ?

As for reporting the virus name in the Mimedefang output,
does anyone have a context-diff that will make Mimedefang do the
right thing ?

Ole Holm Nielsen wrote:
> I tried the McAfee auto-update script recommended by Lucas Albers, see
>    
> http://lists.roaringpenguin.com/pipermail/mimedefang/2003-June/006135.html
> but it hangs when trying to use "lynx -dump" to get a directory
> listing of ftp://ftp.nai.com/pub/antivirus/datfiles/4.x
> This was tested on a number of different redhat versions.
> 
> There is no problem to see the listing when using ncftp,
> so it seems that "lynx" doesn't work as expected.
> 
> Questions:
> 1. Has anyone else gotten the mentioned update script to
>    work, or found an even better script ?
> 2. Is there a script for getting also any extra.dat file ?
> 3. How exactly does one get the virus name as reported by uvscan
>    (context-diff of scripts, for example) ?

Ole Holm Nielsen
Department of Physics
Technical University of Denmark




More information about the MIMEDefang mailing list