|
|
|||||||
It would appear that Symantec has changed their LiveUpdate to just once a week. Now anyone that wants more frequent pattern updates will have to manually (or script) FTP download. I dug up the following article on Symantec's site on how to script the FTP download. http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2000010708230148 {edit} Flawed logic below. Much wiser now. Vpcur.lst still only reflects the LivUpdate version and not the most recent (Intelligent Updater) version. It is very basic in that it doesn't check the pattern file version. On the same FTP site, there is a vpcur.lst file that is in an INI format as follows: [patterns] VD109E02.VDB=navup.exe I was thinking that with KiX, this file could be downloaded and enumerated, then checked against the existing patttern to determine whether a newer one need be downloaded. Has anyone done this already? Being as lazy as I am, I'd hate to reinvent the wheel. [ 12. August 2002, 16:33: Message edited by: LLigetfa ] |
||||||||
|
|
|||||||
Les, I have done a similar thing with Batch using McAfee. Check out the response I just gave at - http://kixtart.org/cgi-bin/ultimatebb.cgi?ubb=get_topic&f=1&t=004164 Thanks! - Kent |
||||||||
|
|
|||||||
Symantec has started releasing liveupdate defs once a week because they've started releasing platinum certified defs once a day for platinum customers. The dumb thing is they're only available in the intelligent updater format mmddx86.exe or mmddi32.exe only. Which means that you can neither get these defs through liveupdate and your clients can't receive them through liveupdate file name changes daily. The changing date made it really hard to know which file to grab. I have a script, several actually that will parse the date and retrieve the daily certified defs from them if you'd like. L8tr.. |
||||||||
|
|
|||||||
Interesting... Thisis the very basic FTP script that is on Symantec's site as per the aforementioned link. code: As you can see, it is not in the date coded format. Are you saying these are not as stringently tested? I would be interested in seeing what you've got. Incidentally, they released a new pattern today. |
||||||||
|
|
|||||||
Les - Here is a KiX script I use to FTP into NAI daily, retreive SDAT/ZipDAT files, compare with local copies, then copy updated files to PDC's. Here they are accessed via the login script. This may help you out. Bill code: [ 19 February 2002: Message edited by: bleonard ] |
||||||||
|
|
|||||||
There're releasing daily defs in the intelligent updater format only. The script/scripts I wrote to get this are at: NAV Certified Intelligent Updater Defs L8tr.. |
||||||||
|
|
|||||||
I guess it'd help if I added the file names... Here are the file names of the scripts in my last post.., they are in this order: |
||||||||
|
|
|||||||
{edit}Update - Please see below for a newer version. Thanks to all for your input. Well... being as I'm as lazy as I am... too lazy to try and reverse engineer the scripts submitted... I decided to write my own. It will run on the NAV Parent server as a Task Scheduler job. If anyone wants to adopt it, the first three vars need be set. $TempDir is where the downloaded file gets extracted to. The script will delete everything in $TempDir once done. $WorkDir is where the script runs from, creates FTP scripts to, downloads vpcur.lst and symcdefsx86.exe which all but the KiX script get deleted and recreated. $VPHome is where NAV is installed to on the Parent server. In my case it is C:\Program Files\NAV. If you want to test it, just create test folders to match and copy your VDB files to $VPHome. code:Break on [ 12. August 2002, 16:37: Message edited by: LLigetfa ] |
||||||||
|
|
|||||||
So DOC, Did I make this way more complicated than I needed to? What are you doing for pattern updates? |
||||||||
|
|
|||||||
No problem Les, I'm sure everyone has their own ideas and methods. Symantec has pushed out too many bad defs that can/could hang or otherwise disable your desktops, so we always test their def files on a couple systems first before deploying. So I manually launch the definition update from the console for one server in our Domain, which then automatically updates all the other servers which in turn updates all the clients. That way it is fully automated except for the fact that we test first. If you trust Symantec you can simply have one server automatically update the def files every day through their LiveUpdate program and then have all of your other systems checking and updating from your one main server. It works, we just don't trust Symantec to get it right the first time every time. Most of the time they do, but that would be a real drag to have 1,000s of desktop dead to the point that it required "MANUAL" intervention to repair. |
||||||||
|
|
|||||||
DOC, I may have mentioned this once or twice. I'm divisional IT. Corporate IT is responsible for the FireWall and they use McAfee. They update their pattern once a week. Being a belt & suspenders (& ductape) kinda guy, I also have InnoculateIT on my Notes server and NAV on my desktop. InnoculateIT catches a whole bunch that McAfee misses. There have been many times where NAV, (partly because of the daily updates) have caught viruses that the others have missed. I've heard of bad patterns causing grief, but personally haven't encountered any from Symantec (well, a couple back on LANDesk VP abended my NetWare server). I've had my Notes server go south several times from bad patterns but NAV has been rock solid since 7.5 with every (4 times daily) update. |
||||||||
|
|
|||||||
Here's an update on my NAV pattern downloader. Recently I put out a cry for help here but nobody replied. I deleted the previous two posts as they no longer apply. Basically, to make a long story short, Symantec has once again changed how they post their latest pattern file. Used to be, you could just download their vpcur.lst file and just rip the current filename from it. Not so any more. Vpcur.lst now often lags behind the most current. What I do now is an ftp 'ls' command and redirect the output to a file, parse the file, and ascertain the newest. code:{edit} Fixed a couple of bugs.Break on 1. If FTP failed, need to check for a zero-byte file. 2. Needed to convert filename to LC as FTP is case sensitive. [ 20. January 2003, 16:19: Message edited by: LLigetfa ] |
||||||||
|
|
|||||||
Fixed a couple of bugs. 1. If FTP failed, need to check for a zero-byte file. 2. Needed to convert filename to LC as FTP is case sensitive. |
||||||||
|
|
|||||||
Help! Is anyone else using FTP for Intelligent Updater updates? Seems that Symantec has once again changed their FTP site or something. This script is no longer working. The site I would DL from is: ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus/vdb Can anyone see any VDB files at that site? |
||||||||
|
|
|||||||
Found 3: vd12f419.vdb vd12f605.vdb vd130405.vdb |
||||||||
|
|
|||||||
me found too. les, I'm thinking of kicking your script to graveyard, may I? have a better on plann... just testing does it kick correctly. |
||||||||
|
|
|||||||
Thanks Patrick. must have been one of their mirrors down. They have ftp1 ~ ftp8 as mirrors. Tried it again and it's DLing fine now. Jooel, Was thinking of maybe doing it with COM but up until now was working just fine. If it ain't broke, why fix it? What do you have in mind? |
||||||||
|
|
|||||||
shorter code ready for run (tested): code:anyway, for this you need the ftpGET() from udflib.$address="ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus/vdb/" |
||||||||
|
|
|||||||
btw, as I see you fighting with this, I see my f-secure in better light every day. runs like a train. also, virus defs up to date and quicker sig updates. |
||||||||
|
|
|||||||
Dang! CorpIT must be messing with the firewall/Proxy. Can no longer reach that site via proxy. Thanks Jooel, Can't test now as current connection is via proxy. |
||||||||
|
|
|||||||
Here's what I use to download their daily certified defs through ftp..works like a charm... code:Here's my ftp script. I'm going into the static directory now and pulling the symcdefsx86.exe file. Symantec said (uh oh.. ) That this file is the same file as their daily certified defs that have a file date as the name.Echo y| del e:\platdefs\*.* code:That way all of the parent servers in my server groups get updated at the same time the primary does and I don't have to schedule them separately... L8tr... |
||||||||
|
|
|||||||
but, who's code is kix? thanks to kent again. |
||||||||
|
|
|||||||
Dang! Lack of foresight on my part and more than 5 old patterns on Symantec's FTP site broke my script. The following DIM is too conservative: Dim $FNArray[5] Should be more: Dim $FNArray[10] Script updated... my apologies. [ 20. January 2003, 16:21: Message edited by: LLigetfa ] |