README,v 1.14.3 Sat Apr 6 02:39:17 2002 CET
README for virusNotification.pl
1 - About virusNotification
virusNotification is a simple PERL script that can be run through cron or manually to detect, download, and notify by email when new DATs are present for McAfee antivirus software.
Emails sent contain the location where the DAT file can be retrieved (both locally and remotely), as well as a list of the changes from the previous to the newest DAT. If any viruses on the Top Threats list or the Virus Alerts pages have been addressed by the new DAT, this information will also be noted in the email.
The script does its job through the use of a simple regex on various web pages from McAfee's site. As such, changes to their site layout may result in unforeseen results. To help combat this, if any unusual layout is detected, an email will be sent to the designated admin noting the problem.
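The fail-loudly behaviour described above, as an added example (not code from virusNotification.pl): the link pattern, the sample HTML, the version numbers and the admin address are constructed for illustration, and the admin notice is printed rather than mailed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumed setting, named after the README's adminEmail variable. Inside a
# double-quoted string '@' must be written '\@', as the Setup notes say.
my $adminEmail = "avadmin\@example.org";

# Hypothetical pattern: a link to a numbered DAT archive (zip, exe or tar).
my $DAT_LINK = qr{href="([^"]*?(\d{4})[^"/]*\.(zip|exe|tar))"}i;

# Returns (status, payload):
#   ('ok', {version, links})  a newer DAT was found
#   ('unchanged', version)    same DAT as recorded on the last run
#   ('alert', message)        page did not look as expected
sub check_page {
    my ($html, $last_version) = @_;
    my (%links, %versions);
    while ($html =~ /$DAT_LINK/g) {
        $links{lc $3} = $1;
        $versions{$2} = 1;
    }
    # No link at all, or links that disagree on the version, means the
    # layout changed: report it to the admin rather than guess.
    return ('alert', "no DAT link found; page layout may have changed")
        unless %links;
    return ('alert', "inconsistent DAT versions: " . join(',', sort keys %versions))
        if scalar(keys %versions) > 1;
    my ($version) = keys %versions;
    return ('unchanged', $version) if $version == $last_version;
    return ('ok', { version => $version, links => \%links });
}

# Constructed sample pages, not real vendor markup.
my $good    = '<a href="/dl/dat-4150.zip">ZIP</a> <a href="/dl/dat-4150.exe">EXE</a>';
my $changed = '<div class="download" data-file="latest">Get the update</div>';

for my $page ($good, $changed) {
    my ($status, $payload) = check_page($page, 4149);
    if ($status eq 'ok') {
        print "DAT $payload->{version}: ",
              join(' ', sort values %{ $payload->{links} }), "\n";
    } elsif ($status eq 'alert') {
        print "To: $adminEmail\nSubject: virusNotification problem\n\n$payload\n";
    }
}
```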
The minimum requirement to run this script is PERL, either wget or LWP::Simple, and either a system mailer (like sendmail) or Mail::Mailer.
2 - Setup
Setup is quite simple -- only a few variables, located at the top of virusNotification, need to be set.
DATStorageDirectory: The directory where the DATs are saved once retrieved.
stateStorageDirectory: Where a small amount of information is kept to help the
script maintain state between runs.
localWebPrefix: This is the web prefix to which the downloaded DATs are appended.
The people emailed about DAT updates are given this link so they can retrieve the local copy of the DAT.
mailCmd: System mail command. Can also use the Mail::Mailer package,
in which case you may define the fromAdress variable.
wgetCmd: The command (including path if necessary) to operate wget. If this is
commented out, then the following line should not be commented and the LWP::Simple package must be installed.
recipients: A comma delimited list of addresses to email the notification to.
* - Please note that '@' characters in addresses must be written as '\@' to keep PERL from interpreting them as arrays.
useCC: if set to 1 (boolean true) the script will use the cc: addresses in the
string you have provided. If set to zero (default), no one gets cc'ed.
ccEmails: A comma delimited list of addresses to cc: copy the notification to.
* - Please note that '@' characters in addresses must be written as '\@' to keep PERL from interpreting them as arrays.
useBCC: if set to 1 (boolean true) the script will use the bcc: addresses in the
string you have provided. If set to zero (default) no one gets bcc'ed.
bccEmails: A comma delimited list of addresses to bcc: (cci:) blind copy
(i.e. no one in the BCC: list sees the address of anyone else in the list)
the notification to.
* - Please note that '@' characters in addresses must be written as
'\@' to keep PERL from interpreting them as arrays.
adminEmail: The address of the program's admin. Notices will be sent to this
address if there is a problem running the script or getting the updated DATs. Since this script depends on the McAfee pages maintaining the same structure, notices will usually be sent when the page structure has changed and the requested DAT information cannot be found.
fromAddress: Address message is from.
subject: The subject line of the emails sent to the recipients (defined above)
when there is an updated DAT.
GET_EXE: Define this if you would like a Windows (Intel) exe version of the
DAT retrieved. Comment it out if you would not.
GET_ZIP: Define this if you would like a Windows (Intel) zip version of the
DAT retrieved. Comment it out if you would not.
MAIL_TOP_THREATS: Define this if you would like the notification email to
include which, if any, of the Top Threats are addressed with this update.
MAIL_VIRUS_ALERTS: Define this if you would like the notification email to
include which, if any, of the Virus Alerts are addressed with this update.
3 - Changelog
v 1.14.4 (2003.03.05)
-McAfee changed the actual filename of the files we had to look for. Now corrected. Several people sent in the same fix.
v 1.14.3 (2002.04.06)
-Fixed yet another problem with a changed page layout. What are they doing over there at McAfee? =}
v1.14.2 (2002.04.05)
-Fixed yet another small problem with the date RegExp. Thanks (again! =} ) to Brian Welch for mailing
in the fix before my check had even run that morning (and to Rudy Zijlstra who was about 15
minutes behind him with the same fix. =} )
v1.14.1 (2002.03.29)
-Fixed a small problem with the date RegExp. Thanks to Brian Welch for mailing
in the fix before I had even gotten up in the morning to check my mail... =} (and to
everyone else who subsequently mailed in the same fix. =} )
v1.14 (2002.03.11)
- Fixed and augmented the Readme ability to give a header and list all new viruses that the DAT file fixes/cleans etc. (tested against README of last DAT virus file so I hope it stays the same or I'll need to fix it again)
v1.13 (2002.03.08):
- Added in the ability to CC: or BCC: people who are mailed the notification.
Daryl takes over as maintainer!
v1.12 (2001.07.24):
- Checks that directories defined for DAT and state file storage are terminated with a '/'.
v1.11.0.2 (2001.06.13):
- McAfee page changed layout, fixed regex.
v1.11.0.1 (2001.05.29):
- McAfee page changed layout, fixed regex.
v1.11 (2001.05.28):
- option of downloading through either wget or using the LWP::Simple package
- State files and DAT files can now be kept in separate directories
v1.10 (2001.05.27):
- added ability to get tarred DAT files (Thanks to Rudy Zijlstra <rudy@edsons.demon.nl>)
- restructured code for composing message
- can specify mail command or use the Mail::Mailer package
- mail using mail command improved
- added fromAdress option
v1.9 (2001.05.24):
- "Top Threats" is broken. Is there any interest in getting this to work again?
- added documentation
- added ability to get zipped DAT files
- added options to get either/both/neither the exe or the zipped DAT
- improved packaging
v1.8 (2001.05.17):
- Initial public release
4 - Todo
- Fix RegExp problems on TopThreats and VirusAlerts
- Add in SuperDat download option
- implement command line options
- mail using Mail::Mailer does not set the subject
- rather than use the web page for links and information, use the FTP server - might result in fewer regex problems due to changed page layout
5 - Author
Maintained by Daryl Manning (virdat@wakatara.com). Written originally by Keith Resar (3af86bc67c874@heavyk.org).
Mail me any comments: improvement suggestions, bug reports, "hey I'm using this and I kinda like it" reports, etc. I'd really like to get an idea about how many people are actually using the script.
