1823913 Members
3379 Online
109667 Solutions
New Discussion юеВ

anti virus script???

 
Shaun Aldrich_1
Advisor

anti virus script???

Does anyone have a script or know how to create a script which will run on HP-UX or Solaris and can automatically deploy the latest virus definition files which are copied from the internet to the unix server?

Once I have copied the latest virus definition file to a directory on the unix server the script should ssh the virus definition file to all the Windows 2000 servers and install it.

Since it is a secure environment only ssh or scp are enabled not telnet or ftp.

Any help on this one is greatly appreciated?
Hard work & dedication goes a long way...
9 REPLIES 9
Mark Greene_1
Honored Contributor

Re: anti virus script???

Last I knew, both Norton and McAfee required either an enterprise licence to load a single definition file on multiple PCs, or to have each individual PC obtain the file and update themselves. In either case, the updates are obtained from the vendor over the web via https. You might be able to get a perl/cgi script going in apache to get the updates, but you'll have to be able to change it whenever your anti-virus vendor makes changes to their website or the download process.

mark
the future will be a lot like now, only later
Shaun Aldrich_1
Advisor

Re: anti virus script???

Hi Mark,

I should have explained myself clearer. I would actually download the latest virus definition file manually from the Norton Anti-virus website to my laptop. I would then copy the definition file to a directory on the unix server.

The script itself should be able to ssh /scp the virus definition file to all the Windows 2000 servers and install it.

Hope this helps...
Hard work & dedication goes a long way...
Steven E. Protter
Exalted Contributor

Re: anti virus script???

Both of the above mentioned companies will for a big fat fee provide access via sftp. You'll need to contact them human to human.

What you could do is run the update on a PC and open up those directeries as shared. Then the CIFS/9000 client can be used to connect to the PC and get teh files.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Mark Greene_1
Honored Contributor

Re: anti virus script???

"The script itself should be able to ssh /scp the virus definition file to all the Windows 2000 servers and install it. "

Ok. Get a copy of expect for HP, if you don't already have it. You'll need it to feed the Win2k commands as input from the ssh script to run the install once the file is on the Win2k box:

http://hpux.cs.utah.edu/hppd/hpux/Tcl/expect-5.38/

You'll then want to install either KiXtart or MS ScriptIt on the Win2k boxes so you have a batch processing environment to work with on that side as well. I don't have a URL, but both are downloadable from the MS web site.

Never having done this, I don't have an ssh script handy to give you, but once you have the infrastructure in place, doing the script will be the easy part.

HTH
mark
the future will be a lot like now, only later
Shaun Aldrich_1
Advisor

Re: anti virus script???

There is absolutely no internet access from these Windows 2000 servers so that is why I was going the route of downloading the file myself and copying it to the unix server which in turn could execute a script which would deploy the definition file to all servers & install.

This would still be more automated than manually copying the file to each Windows machine one at a time from unix, then logging into each Windows server and installing.

Let me know if you have any ideas or scripts for this.

Thanks.
Hard work & dedication goes a long way...
Shannon Petry
Honored Contributor

Re: anti virus script???

I cant help but think this wont work the way you want anyway. MS crap does not support SCP or SFTP without additional products, and even then can have issues. It would probably be easier to write a batch for the windblows boxes that copies the new file from a share on HP (shared by either Samba or CIFS).

Out of curiosity, why not install a single HP with Linux to serve all your PC's? Even a HP-UX box?

I have converted 4 sites now to exclusively Linux servers. I have reduced the companies hardware costs for servers by 60%, and licensing feels 93%.

Just food for thought...

Regards,
Shannon
Microsoft. When do you want a virus today?
Jordan Bean
Honored Contributor

Re: anti virus script???


Why not have NAV auto-update? Does your security policy prohibit ANY use of telnet and FTP? Why regard the anonymous download of publicly available data as insecure?

Okay, why not have NAV on the W2k systems automatically download the new def files from a local HTTP or FTP server? If you can't tell NAV were to look, then find out where NAV is looking and spoof that domain in your local DNS servers to resolve to a local server. Optionally, this host can automatically download the new defs periodically so you won't have to do any manual work.

benoit Bruckert
Honored Contributor

Re: anti virus script???

Hi,
I didn't understand all, but I'm writing what I think you want :
1 - You want to download virus definition from internet to you unix server.. You can use http or ftp protocol to do that ....
2 - You want to push this file to your w2000 servers through ssh.
3 - Your unix server can start installation on w2k servers (through ssh).

Here are the possibles answers :
for 1 ; the wget tool is for you, you can use it to download file through http, and store it on your disks.
for 2 : ssh is possible, but you need sshd on yous w2k servers which is not standard !! You can get install one (openssh) but with cygwin.
You don't need expect because you can manage with ssh authentication with public keys...(by the way scp is more easy to copy files).
for 3 : same as 2 if you have a sshd server on the w2k you can start any local scripts, for example anti virus installation (if this is possible some anti virus software cannot be run through command lines !)

Here is another way.
Instead of using sshd on w2k, you can use on the reverse side, and keep only a client on the w2k. But this means that you have to create a kind of daemon on the w2k wich will check every x hours if a new virus arrived, and copy it if it's the case.
By the way the client side on w2k is lighter (no need cygwin).

hope that help
Benoit
______
"Quand un homme et une femme sont mari??s, ils ne deviennent plus qu'un ; la premi??re difficult?? est de d??cider lequel." H. L. Mencken
Une application mal pans├йe aboutit ├а une usine ├а gaze (GHG)
Andreas D. Skjervold
Honored Contributor

Re: anti virus script???

Hi

Have attached the McAfee script we use to download DAT files.
The -netrc is configured to use a ftp-gateway service that we use.

rgds
Andreas

.netrc:
machine ftp_gateway
login anonymous@ftp.nai.com
password youremail@domain
macdef init
cd pub/antivirus/datfiles/4.x
bin
prompt
mget dat-*.tar
close
bye
Only by ignoring what everyone think is important, can you be aware of what everyone ignores!