Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


eTrust antivirus signature updates

Posted on 2004-10-08
Medium Priority
Last Modified: 2008-01-09
Computer Associates (CA) eTrust product allows for scheduled virus signature updates from either CA's ftp server or from a redistribution server ie internal server downloads virus signatures and workstations are updated over the network. The manuals make a big play about this scheduling and that it can be set to convenient time. From a security point of view I am trying to ensure that signature updates are downloaded to each client upon login. This is particularly import in my environment as I have a lot of mobile laptop users with direct internet connections.
Can anyone help with regard to how to force a signature update upon login???

Question by:wsmyth
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2

Expert Comment

ID: 12260509
i have ours setup in early a.m.
so it kicks in no matter when they sign on

Expert Comment

ID: 12273974
Hi wsmyth,

We do at work exactly what you're wanted to do to your network.

We have access to a simple Visual Basic application that will compare the current virus signatures you have on your server to that on CA's ftp.  If the ones on your server are older then it'll pull down the required files to bring it up to date.

What I'm suggesting you do is have this app run once a day on your server then have the client PC's InoculateIT software look to your server for updates and if necessary download them and bring the client machine up to date.

This may sound a little complicated but really, it's not.

If you're interested then let me know and I'll upload the app to a public ftp server for you to try out.

What will you need to do to get it going?

Getting the latest updates using the app
1/ Download the VB app
2/ Set the .ini file that comes with the app
    2a/ All you'll need in the .ini is where you want the files downloaded from the ftp to go
3/ Download the latest signature updates using our VB app by simply running it.

Updating clients
1/ You'll need to update the Inodist.ini file on each client machine which will tell them where to look to download the updates from (this will be a location on your server) and what type of download it will be (i.e., scheduled and UNC)
2/ To do the above I'd reccommend blowing out the Inodist.ini file using a login script
3/ Once you'd completed the above everything should go smoothly

Let me know if you're interested.


Author Comment

ID: 12274830
Hello Edit-HTS
Thanks for the information. I am very interested in taking you up on your kind offer. Am I right in saying that you are downloading and distibuting the executable version of the signature? Its sounds as though you have completely bypassed the facilities provided in the actual software in favour of this level of control.

Since the client software obviously execute a particular program via the scheduled update routine I had originally hoped to be able to run this program via say, a login script. Unfortunately I cannot seem to find any reference to the actual program to run.

In the absence of being able to use the inbuilt facilities your method sounds good.

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.


Expert Comment

ID: 12280211
You're absolutely correct in saying I'm distributing the executable signature file - there are two text files in the public ftp directory on ca's website, siglist.txt and siglist2.txt.  The former is a list of major updates and the latter is minor (or incremental) updates - these files contain dates and version numbers, etc.

Basically it'll check the two files against the two on your server and sort rip down the appropriate executables.

Sit tight and when I get to work this afternoon I'll post some detailed instructions and upload the app.



Expert Comment

ID: 12284449

I've been pissing around here at work for a while and have managed to get your app zipped and ready to roll.  There are a few things that you must do and have in place because of the nature of the code of the thing.

1/ Download the zip from
2/ Unzip to (You can choose this as long as the later settings pointing to this location) C:\Sigs\ on your server.  Make this directory shared and accessible by all users
3/ Open AVUpdate.ini
4/ Where it says "Local Path=" add "C:\Sigs\" after it so the whole line will look like: Local Path=C:\Sigs\
4a/ Make sure you put the last \ in as it will download to the root of the C:\ otherwise.
5/ You need to log directory so make sure you don't delete it
6/ Run the executable AVUpdate.exe
6a/ Note: This is a pretty shitty executable, the code is badly written etc, but it does work.  When it's downloading the updates from CA's ftp it'll look as if it's not responding and it may freeze your system while downloading.  Don't panic though - it will work if it starts.

If it doesn't start then let me know and I'll help you troubleshoot.

Now that you've got the executable to a state where it'll download the latest updates when you execute it.

Now here's the hard part.

You'll need to set the client machines to look for the updates in the C:\Sigs\ directory on the server.  The settings for this are in the inodist.ini file in the root of each ETrust's installation folder on the clients.

Right now, go to a client, login, and bring up the inodist.ini file.  Here's an example of our inodist.ini file here at work:

Linux (Intel)=8
Sun Solaris=9
Windows 9x/ME=3
Windows NT/2000 (x86)=4

Where it says: Path=\\rslprd1\sys\inoc7\sigs you'll need to change it to the path of your sigs directory on your server.  E.g., \\ServerName\ShareName (To the file C:\Sigs\)

You probably wont (or will you?) have a Username or Password in your ini file if you're running a Windows Based Server Platform, we use Novell so that's why we've got a username and password.

Let me know if you're using Novell cause if you are it'll be a different story.

So, in the login scripts of each user you'll have to blow out an updated inodist.ini file.  Do this on one machine first to make sure it works, if it doesn't let me know and I'll help you troubleshoot.

Hopefully that's what you wanted.

You can use the scheduler in the client machines to check the server for updates maybe 3 or 4 times a day - you can check at login but that gets a litte more complicated for me to explain - why don't we get it working to the point where I've tried to explain then we'll go from there?

Luck to you.


Author Comment

ID: 12306755
Thanks for the info to-date. I have been up to my eyes in it getting a new server installed so have not had a chance to check out your solution but I definitely will! It is a test at login that I am really interested in so will post back here once I have the other elements fixed. Thanks again

Accepted Solution

Edit-HTS earned 2000 total points
ID: 12306962
No problems at all, hope it helps you out like it has us.


Featured Post

The top UI technologies you need to be aware of

An important part of the job as a front-end developer is to stay up to date and in contact with new tools, trends and workflows. That’s why you cannot miss this upcoming webinar to explore the latest trends in UI technologies!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
Viewers will learn how to use the Hootsuite Dashboard.
XMind Plus helps organize all details/aspects of any project from large to small in an orderly and concise manner. If you are working on a complex project, use this micro tutorial to show you how to make a basic flow chart. The software is free when…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question