Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

eTrust antivirus signature updates

Posted on 2004-10-08
8
Medium Priority
?
6,514 Views
Last Modified: 2008-01-09
Computer Associates (CA) eTrust product allows for scheduled virus signature updates from either CA's ftp server or from a redistribution server ie internal server downloads virus signatures and workstations are updated over the network. The manuals make a big play about this scheduling and that it can be set to convenient time. From a security point of view I am trying to ensure that signature updates are downloaded to each client upon login. This is particularly import in my environment as I have a lot of mobile laptop users with direct internet connections.
Can anyone help with regard to how to force a signature update upon login???

Thanks
0
Comment
Question by:wsmyth
  • 4
  • 2
7 Comments
 
LVL 1

Expert Comment

by:Mr_C_Obvious
ID: 12260509
i have ours setup in early a.m.
so it kicks in no matter when they sign on
0
 
LVL 1

Expert Comment

by:Edit-HTS
ID: 12273974
Hi wsmyth,

We do at work exactly what you're wanted to do to your network.

We have access to a simple Visual Basic application that will compare the current virus signatures you have on your server to that on CA's ftp.  If the ones on your server are older then it'll pull down the required files to bring it up to date.

What I'm suggesting you do is have this app run once a day on your server then have the client PC's InoculateIT software look to your server for updates and if necessary download them and bring the client machine up to date.

This may sound a little complicated but really, it's not.

If you're interested then let me know and I'll upload the app to a public ftp server for you to try out.

What will you need to do to get it going?

Getting the latest updates using the app
1/ Download the VB app
2/ Set the .ini file that comes with the app
    2a/ All you'll need in the .ini is where you want the files downloaded from the ftp to go
3/ Download the latest signature updates using our VB app by simply running it.

Updating clients
1/ You'll need to update the Inodist.ini file on each client machine which will tell them where to look to download the updates from (this will be a location on your server) and what type of download it will be (i.e., scheduled and UNC)
2/ To do the above I'd reccommend blowing out the Inodist.ini file using a login script
3/ Once you'd completed the above everything should go smoothly

Let me know if you're interested.

-Edit
0
 

Author Comment

by:wsmyth
ID: 12274830
Hello Edit-HTS
Thanks for the information. I am very interested in taking you up on your kind offer. Am I right in saying that you are downloading and distibuting the executable version of the signature? Its sounds as though you have completely bypassed the facilities provided in the actual software in favour of this level of control.

Since the client software obviously execute a particular program via the scheduled update routine I had originally hoped to be able to run this program via say, a login script. Unfortunately I cannot seem to find any reference to the actual program to run.

In the absence of being able to use the inbuilt facilities your method sounds good.

Thanks
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 1

Expert Comment

by:Edit-HTS
ID: 12280211
You're absolutely correct in saying I'm distributing the executable signature file - there are two text files in the public ftp directory on ca's website, siglist.txt and siglist2.txt.  The former is a list of major updates and the latter is minor (or incremental) updates - these files contain dates and version numbers, etc.

Basically it'll check the two files against the two on your server and sort rip down the appropriate executables.

Sit tight and when I get to work this afternoon I'll post some detailed instructions and upload the app.

-Edit

0
 
LVL 1

Expert Comment

by:Edit-HTS
ID: 12284449
wsymth,

I've been pissing around here at work for a while and have managed to get your app zipped and ready to roll.  There are a few things that you must do and have in place because of the nature of the code of the thing.

1/ Download the zip from ftp://203.241.84.12/pub/AVUpdate.zip
2/ Unzip to (You can choose this as long as the later settings pointing to this location) C:\Sigs\ on your server.  Make this directory shared and accessible by all users
3/ Open AVUpdate.ini
4/ Where it says "Local Path=" add "C:\Sigs\" after it so the whole line will look like: Local Path=C:\Sigs\
4a/ Make sure you put the last \ in as it will download to the root of the C:\ otherwise.
5/ You need to log directory so make sure you don't delete it
6/ Run the executable AVUpdate.exe
6a/ Note: This is a pretty shitty executable, the code is badly written etc, but it does work.  When it's downloading the updates from CA's ftp it'll look as if it's not responding and it may freeze your system while downloading.  Don't panic though - it will work if it starts.

If it doesn't start then let me know and I'll help you troubleshoot.

Now that you've got the executable to a state where it'll download the latest updates when you execute it.

Now here's the hard part.

You'll need to set the client machines to look for the updates in the C:\Sigs\ directory on the server.  The settings for this are in the inodist.ini file in the root of each ETrust's installation folder on the clients.

Right now, go to a client, login, and bring up the inodist.ini file.  Here's an example of our inodist.ini file here at work:

********
[SOURCES]
1=UNC_0
[UNC_0]
Method=UNC
Path=\\rslprd1\sys\inoc7\sigs
UserName=ca-user
UserPassword=ca-pword
RedistGui=0
[GET]
[POLICY]
UpdateLocalSignatures=1
SignatureHoldTime=0
MakeIncDownloading=1
IsDistributionServer=0
[OSID]
Linux (Intel)=8
Sun Solaris=9
Windows 9x/ME=3
Windows NT/2000 (x86)=4
[ENGINEID]
INOCULATEIT=1
VET=2
*******

Where it says: Path=\\rslprd1\sys\inoc7\sigs you'll need to change it to the path of your sigs directory on your server.  E.g., \\ServerName\ShareName (To the file C:\Sigs\)

You probably wont (or will you?) have a Username or Password in your ini file if you're running a Windows Based Server Platform, we use Novell so that's why we've got a username and password.

Let me know if you're using Novell cause if you are it'll be a different story.

So, in the login scripts of each user you'll have to blow out an updated inodist.ini file.  Do this on one machine first to make sure it works, if it doesn't let me know and I'll help you troubleshoot.

Hopefully that's what you wanted.

You can use the scheduler in the client machines to check the server for updates maybe 3 or 4 times a day - you can check at login but that gets a litte more complicated for me to explain - why don't we get it working to the point where I've tried to explain then we'll go from there?

Luck to you.

-Edit
0
 

Author Comment

by:wsmyth
ID: 12306755
Thanks for the info to-date. I have been up to my eyes in it getting a new server installed so have not had a chance to check out your solution but I definitely will! It is a test at login that I am really interested in so will post back here once I have the other elements fixed. Thanks again
0
 
LVL 1

Accepted Solution

by:
Edit-HTS earned 2000 total points
ID: 12306962
No problems at all, hope it helps you out like it has us.

-Edit
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Web hosting control panels were first developed to make it faster and easier for most users to set up and operate websites. The graphical user interface (GUI) allows users to perform tasks by pointing and clicking rather than typing highly specific…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question