[Mimedefang] Re: McAfee auto-update script problem
Ole Holm Nielsen
Ole.H.Nielsen at fysik.dtu.dk
Tue Jun 17 04:01:01 EDT 2003
Thanks for the answers. Several people pointed to passive-FTP
as being the cause of the problem (we're behind a kind of firewall),
and this is (partly) the answer to my question #1.
I'm appalled that Lynx, and Wget as well, use active-FTP by default
and must be configured explicitly to use passive-FTP. Opening
your network to active-FTP transfers makes you wide open to
all sorts of attacks. I thought that all modern FTP-clients would
use passive-FTP by default, but Lynx and Wget seem to be exceptions :-(
Unfortunately, Lynx doesn't seem to work at all with passive-FTP even
when I define FTP_PASSIVE:TRUE in /etc/lynx.cfg as suggested, and
it still hangs as before. A working solution is the one offered
by Stephane Lentz <Stephane.Lentz at ansf.alcatel.fr>, replacing Lynx
by ncftpls in the script:
VERSION_CURRENT=`ncftpls ftp://ftp.nai.com/pub/antivirus/datfiles/4.x/ | grep
tar | cut -d - -f 2 | cut -d . -f 1`
For wget you simply add the flag --passive-ftp.
Obviously, a more robust uvscan update script is needed which could
also get extra.dat files etc. I'll look at Stephane's links,
but perhaps someone could recommend the Ultimate McAfee Update Script ?
As for reporting the virus name in the Mimedefang output,
does anyone have a context-diff that will make Mimedefang do the
right thing ?
Ole Holm Nielsen wrote:
> I tried the McAfee auto-update script recommended by Lucas Albers, see
>
> http://lists.roaringpenguin.com/pipermail/mimedefang/2003-June/006135.html
> but it hangs when trying to use "lynx -dump" to get a directory
> listing of ftp://ftp.nai.com/pub/antivirus/datfiles/4.x
> This was tested on a number of different redhat versions.
>
> There is no problem to see the listing when using ncftp,
> so it seems that "lynx" doesn't work as expected.
>
> Questions:
> 1. Has anyone else gotten the mentioned update script to
> work, or found an even better script ?
> 2. Is there a script for getting also any extra.dat file ?
> 3. How exactly does one get the virus name as reported by uvscan
> (context-diff of scripts, for example) ?
Ole Holm Nielsen
Department of Physics
Technical University of Denmark
More information about the MIMEDefang
mailing list