Page 1 of 2 12>
Topic Options
#154421 - 2006-01-03 12:19 AM ftp exist udf?
cyri Offline
Getting the hang of it

Registered: 2005-06-27
Posts: 95
I have seen some of the FTP posts, but none seem to be quite what I'm looking for. I want to be able to query the McAfee FTP/HTTP DAT sites to see if there is a newer DAT available. Only query, nothing else.

The FTPGet() UDF actually retrieves the file, plus you need to know the name of the file to get. I would only know that the file will be something like "dat-XXXX.zip". Where XXXX is the DAT version. To determine whether it is newer I plan on comparing that to the DAT I currently have to see if it's newer.

I was looking at the OS built in FTP, but it seems a bit cumbersome and I don't know if that FTP can return the exist or not exist to Kix.

This could also be done using McAfee's HTTP site, but I'm not sure how that would be done either. I've toyed with the wget program, but again that will retrieve the file, which I don't want to do.

Would it be easier if I just retrieved the file to a temp location and then do the compare? Or if anyone knows of a way to query without the retrieve I would greatly appreciate it.

Top
#154422 - 2006-01-03 12:38 AM Re: ftp exist udf?
Shawn Administrator Offline
Administrator
*****

Registered: 1999-08-13
Posts: 8611
Strictly in terms of getting "better" information, would it be wiser to maybe read McAfee's delta.ini file here:

http://speedownload.nai.com/Products/CommonUpdater/delta.ini

that give this information:

[Contents]
LatestIncremental=621
Created=Mon Jan 2 04:40:00 2006
CurrentVersion=4665

amongst other things. Than maybe use Kixtart's ReadProfileString func to parse out the latest and greatest info.

Top
#154423 - 2006-01-03 12:42 AM Re: ftp exist udf?
cyri Offline
Getting the hang of it

Registered: 2005-06-27
Posts: 95
Thanks Shawn, didn't even know that location existed. I'll have to check my HTTP site again, but I think it's pointing somewhere else.

So would you recommend pulling that down with wget or something similar and then making the comparison?

Top
#154424 - 2006-01-03 12:44 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Well FTP does not support an If Exist contruct directly.
You might be able to do some listing to a temporary file and then parse the temporary file though.

Here is something that works well on the Symantec site which I'm sure could be modified to work on McAfee's site if wanted.


;REQUIREMENTS: 
;1: Must be run with an account that has Admin rights on the AV Servers
;2: KiXtart v4.22 or newer.
;Download: http://www.kixtart.org/binary/distrib/KiX2010_451.zip
;3: Only requires the WKIX32.EXE file from within the KiXtart zip file,
;all other files are not required
;4: IE Proxy settings need to allow access to the Symantec site to download files.

;*** NOTE - WARNING ***
;Must only be run for Symantec Antivirus 8.x and 9.x and 10.x Servers.
;Do not include any 7.x Servers in the list.

Break On
Dim $SO
$SO=SetOption('Explicit','On')
$SO=SetOption('NoVarsInStrings','On')
$SO=SetOption('NoMacrosInStrings','On')

Dim $URL,$Link,$RC,$Page,$Server,$Servers,$File,$Download,$Target,$FileSize
$URL='http://www.sarc.com/avcenter/download/pages/US-SAVCE.html'
$Link='http://definitions.symantec.com/defs/xdb/'
$RC=readHTML($URL)
$File=InStr($RC,$Link)
$File=SubStr($RC,$File+41,12)
$Download = $Link + $File
; Location where the file will be downloaded to
$Target='C:\DOWNLOAD\'
; Array list of 2000/2003 Servers
$Servers='AV01','AV02'

'Downloading ' + $File + ' Please wait...' ?
If FTPget($Download,$Target+$File)
; Unless link is completely down, probably will never get this error
'Error occured: ' + @ERROR + ' ' + @SERROR ?
Else
'Download complete... File saved in ' + $Target + ' as ' + $File ?
; Check the size of the file to confirm you didn't download just blank
; or small html file
$FileSize = GetFileSize($Target+$File)
If $FileSize >9000000
'Ready to update AntiVirus Defs ' ?
'File size downloaded was: ' + $FileSize ?
;Copy the XDB file to the 2000/2003 Servers
For Each $Server In $Servers
Copy $Target+$File '\\'+$Server+'\c$\PROGRA~1\SAV'
'Copying to ' + $Server +'... ' + @ERROR + ' ' + @SERROR ?
Next
; This line archives the definition files to AV02 for reference
MOVE $Target+$File '\\AV02\xdb\'
'Moving xdb file to AV02 archive... ' +@ERROR + ' ' + @SERROR ?
'Definition updates completed...' ?
'Please press a key to continue...' ?
Else
'The file size appears to be too small. '+
'Update aborted, please try later...' ?
'File size was: ' + $FileSize ?
Del $Target+$File
'Press a key to continue...' ??
GET $Pause
Quit 1
EndIf
'Press a key to continue...' ??
GET $Pause
EndIf

Function readHTML($page)
Dim $obj
$obj=createobject("microsoft.xmlhttp")
$obj.open("get",$page,not 1)
$obj.send
$readHTML=$obj.responsebody
EndFunction

Function FTPget($sURL, $sTargetFile, optional $sUser, optional $sPass)
Dim $oFTP, $oStream
$sUser=""+$sUser
$oFTP = CreateObject("Microsoft.XMLHTTP")
if @error $ftpget=1 exit 1 endif
$oStream = CreateObject("ADODB.Stream")
if @error $ftpget=2 exit 2 endif
if $sUser
$oFTP.Open("GET", $sURL, not 1, $sUser, $sPass)
else
$oFTP.Open("GET", $sURL, not 1)
endif
if @error $ftpget=3 exit 3 endif
$oFTP.Send
$oStream.Type = 1
$oStream.Mode = 3
$oStream.open
$oStream.Write($oFTP.responseBody)
if @error $ftpget=4 exit 4 endif
$oStream.SaveToFile($sTargetFile, 2)
if @error $ftpget=5 exit 5 endif
$oStream.Close
EndFunction


Top
#154425 - 2006-01-03 12:48 AM Re: ftp exist udf?
Shawn Administrator Offline
Administrator
*****

Registered: 1999-08-13
Posts: 8611
ja, ftpget seems to do the trick:

Code:

break on

FTPget("http://speedownload.nai.com/Products/CommonUpdater/delta.ini","c:\delta.ini")

exit 0

Function FTPget($sURL, $sTargetFile, optional $sUser, optional $sPass)
Dim $oFTP, $oStream
$sUser=""+$sUser
$oFTP = CreateObject("Microsoft.XMLHTTP")
if @error $ftpget=1 exit 1 endif
$oStream = CreateObject("ADODB.Stream")
if @error $ftpget=2 exit 2 endif
if $sUser
$oFTP.Open("GET", $sURL, not 1, $sUser, $sPass)
else
$oFTP.Open("GET", $sURL, not 1)
endif
if @error $ftpget=3 exit 3 endif
$oFTP.Send
$oStream.Type = 1
$oStream.Mode = 3
$oStream.open
$oStream.Write($oFTP.responseBody)
if @error $ftpget=4 exit 4 endif
$oStream.SaveToFile($sTargetFile, 2)
if @error $ftpget=5 exit 5 endif
$oStream.Close
EndFunction


Top
#154426 - 2006-01-03 12:56 AM Re: ftp exist udf?
cyri Offline
Getting the hang of it

Registered: 2005-06-27
Posts: 95
Thanks for the posts. I think what I'm going to end up doing is using the FTPGet() UDF and picking up the delta.ini file that Shawn recommended. Then I'll do my compare. This process is only going to be used for notification and not the actual download.

Thanks for the replies. And I see Shawn already replied with the FTPGet code that I will need.

PS - I read a post about the FTPGet() showing up as VBS/Psyme (Trojan) and the auto-email from the boards I got at work was picked up by McAfee. Sure enough it was tossed into the quarantine. Heh, oh well.

Top
#154427 - 2006-01-03 12:56 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
So where's the rest of the code solution
Top
#154428 - 2006-01-03 12:59 AM Re: ftp exist udf?
Shawn Administrator Offline
Administrator
*****

Registered: 1999-08-13
Posts: 8611
cyri sounds like he knows what he's talking about. dont think he needs any hand-holding.
Top
#154429 - 2006-01-03 01:00 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
ROFLMAO - Okay, be that way
Top
#154430 - 2006-01-03 01:01 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
No size or date check needed for Symantec as they update every day - if wanted there is even one that is updated hourly but I think that's a bit overkill.
Top
#154431 - 2006-01-03 01:19 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Oh... don't forget an EXIT code - Shawn is bagging on me on MSN
Top
#154432 - 2006-01-03 01:26 AM Re: ftp exist udf?
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
I am curious how he wants to use this new DAT info and why his approach is to use Kix to check for new DATs.
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#154433 - 2006-01-03 01:28 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Not sure. Doesn't McAfee update daily too?
Top
#154434 - 2006-01-03 01:36 AM Re: ftp exist udf?
Howard Bullock Offline
KiX Supporter
*****

Registered: 2000-09-15
Posts: 5809
Loc: Harrisburg, PA USA
Well I see in one of the post above he mentions notification. But why? Does he not have ePO running on a schedule to update the DATs? Avert sends out new DAT notifications...

Edited by Howard Bullock (2006-01-03 01:36 AM)
_________________________
Home page: http://www.kixhelp.com/hb/

Top
#154435 - 2006-01-03 01:40 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
What is the alert for? To tell you it did it, or that it failed? Not sure I'd like a page / e-mail every day for that.
Top
#154436 - 2006-01-09 09:27 PM Re: ftp exist udf?
cyri Offline
Getting the hang of it

Registered: 2005-06-27
Posts: 95
The notification I was talking about was an email that gets sent to my team. The script runs at 7am everyday to let us know that ePO has the latest DAT. It's a quick and easy way for those in my team that aren't as familiar with ePO to know if there is an issue with the DATs or not.

Putting the why question aside. I do have a problem with the script. Here is my FTPGet command.
Code:
FTPget("ftp://ftp.mcafee.com/CommonUpdater/delta.ini","C:\delta.ini")



When I check the C:\delta.ini file, it is not the current file. I browse to that location with IE and grab the file and it is the latest version. Here is the example of the contents of the delta.ini file. I'll give what FTPGet gives me and what browsing manually gives.

FTPGet Version
[Contents]
LatestIncremental=621
Created=Mon Jan 2 04:40:00 2006
CurrentVersion=4665

Manually browsing via IE Version
[Contents]
LatestIncremental=626
Created=Mon Jan 9 04:40:00 2006
CurrentVersion=4670

Am I doing something wrong with the FTPGet command?

Top
#154437 - 2006-01-10 12:21 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Maybe check/set your IE cache setting.

$IEKey='HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$SetIECache=WriteValue($IEKey,'SyncMode5',3,REG_DWORD)

Top
#154438 - 2006-01-10 12:27 AM Re: ftp exist udf?
cyri Offline
Getting the hang of it

Registered: 2005-06-27
Posts: 95
This script is running with no logged on user as a scheduled task on a server. It has built in credentials in the task. Would this still apply?
Top
#154439 - 2006-01-10 12:55 AM Re: ftp exist udf?
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11623
Loc: CA
Well then perhaps it's using the Default User profile.

Try modifying that one.

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings

Top
#154440 - 2006-01-10 12:58 AM Re: ftp exist udf?
Shawn Administrator Offline
Administrator
*****

Registered: 1999-08-13
Posts: 8611
I think (personally) that you are running into IE cache issues, here is a snippet of knowledge base:

Microsoft Internet Explorer Cache issues

Internet Explorer implements caching for GET requests. Authors who are not familiar with HTTP caching expect GET requests not to be cached, or for the cache to be avoided as with the refresh button. In some situations, failing to circumvent caching is a bug. One solution to this is using POST request method, which is never cached, but is intended for non-idempotent operations. A solution using the GET request method is to include a unique querystring with each call, as shown in the example below.

req.open("GET", "xmlprovider.php?hash=" + Math.random());

or set the Expires header to an old date in your script that generates the XML content. For PHP that would be

header( "Expires: Mon, 26 Jul 1997 05:00:00 GMT" ); // disable IE caching
header( "Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . "GMT" );
header( "Cache-Control: no-cache, must-revalidate" );
header( "Pragma: no-cache" );

Alternatively, force the XMLHTTPRequest object to retrieve the content anyway by including this in the request:

req.open("GET", "xmlprovider.php");
req.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT");
req.send(null);

The source link for above is here. Thinking maybe you could try this "GET request" work-around I highlighted in the first paragraph. Studying this more closely myself.

Top
Page 1 of 2 12>


Moderator:  Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart 
Hop to:
Shout Box

Who's Online
1 registered (Allen) and 466 anonymous users online.
Newest Members
gespanntleuchten, DaveatAdvanced, Paulo_Alves, UsTaaa, xxJJxx
17864 Registered Users

Generated in 0.073 seconds in which 0.024 seconds were spent on a total of 13 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org