[Mimedefang] Re: McAfee auto-update script problem
Tony Nugent
tony at linuxworks.com.au
Tue Jun 17 05:25:01 EDT 2003
On Tue Jun 17 2003 at 10:00, Ole Holm Nielsen wrote:
> Obviously, a more robust uvscan update script is needed which could
> also get extra.dat files etc. I'll look at Stephane's links,
> but perhaps someone could recommend the Ultimate McAfee Update Script ?
I guess like many others, I've hacked my own... it isn't so pretty,
and others would have surely done a better job, but it does the
job:) In my case, I also needed to grab the updates for the windows
boxes and put them where they will be accessable with their daily
auto-updates going.
So in a pinch I'd use the Ultimate McAfee Update Script if it could
do that for me too :) But such beasts seem to be around... earlier
in this thread someone mentioned something at freshmeat, and I'm
about to try three such tools that can be found there:
Mcafee Virus Update Notify
- Notifies you when new Mcafee virus updates are available.
http://www.terrapoint.de/kzone/
http://terrapoint.de/[..]d/mcvu_notify_1.1/mcvu_notify_1.1.tar.gz
Virus Update Server
- A virus update server for McAfee products.
http://www.medici.org/projects/vs.html
http://www.medici.org/projects/vsuserver-1.4.1.tar.bz2
virusNotification
- A script which detects and notifies others about McAfee DAT updates.
http://www.wakatara.com/virdat/
http://www.wakatara.com/virdat/virusNotification-1.14.4.tar.gz
(comments about any of these would be welcome)
> As for reporting the virus name in the Mimedefang output,
> does anyone have a context-diff that will make Mimedefang do the
> right thing ?
I've been using the following snippet of code in mimedefang-filter
to do this with uvscan for quite a while now, and it seems to work
very nicely:
sub get_virus_name_nai($) {
my($virname) = @_;
$virname =~ s/.*?(Found .*?) !!!.*$/$1/s;
if ($virname =~ /Found the .*? virus/) {
$virname =~ s/Found the (.*?) virus.*/$1/;
} elsif ($virname =~ /Found virus or variant/) {
$virname =~ s/Found virus or variant (.*?)/$1/;
} elsif ($virname =~ /Found the .*? trojan/) {
$virname =~ s/Found the (.*?) trojan/$1/;
}
return $virname;
}
$VIRUS_NAME = get_virus_name_nai($VirusScannerMessages);
Cheers
Tony
More information about the MIMEDefang
mailing list