Updating InoculateIT Signatures on a NetWare Server with NetMail
Novell Cool Solutions: Tip
By Jim Koerner
Digg This -
Posted: 12 Jul 2002
Recently on the nimsinfo mailing list we had been talking about a way to update signature files automatically for InoculateIT when you use it with NetMail. A few suggestions were presented and with those ideas I finished up a NSN script to do the download and update automatically.
The package to do the updates consists of the following:
- INOCUP.NLM - Compiled NSN Script. placed in SYS:\System
- INOCUP.CFG - Configuration file. placed in SYS:\Etc
- INOCUP.BAS - NSN Source file. placed in SYS:\NSN\User. Source file for modification if wanted.
- CRONTAB INOCUP SAMPLE - Sample crontab file set to run the program every hour.
Download the zip file here: inocup.zip. The zip file has all the previously mentioned files and are pathed from the root of the SYS volume. Unzipping it to the root should drop the files into the correct locations.
On your NetMail server add CRON into your autoexec.ncf so you can schedule the job. Once you place the program files where they belong add a line into your crontab file to run the update program on the schedule you want.
0 * * * * inocup will run the program on the hour.
The Inocup.cfg file controls where files go and has other variables for the program. The file is laid out as follows:
- anonymous - FTP user login name
- firstname.lastname@example.org - FTP server password. use e-mail address
- ftp.ca.com - 1st CA FTP server to check
- ftpz.ca.com - 2nd CA FTP server to check
- ftpav.ca.com - 3rd CA FTP server to check
- /pub/inoculan/scaneng - Signature text file location
- /pub/inoculan/scaneng - Signature file location
- Siglist.txt - Signature text file
- fi_nlm.zip - Signature file to download
- SYS:\Inoculan\ - location of virsig.dat also downloads files to this location
The program does the following:
- Tries 3 different CA ftp servers. Covers you if one of CA servers is down.
- Checks your current signature version against the version on the FTP site.
- If version is new or you have never run the program it downloads the signature file. This allows you to CRON the job on a tighter schedule and get almost realtime virus signature updates without the overhead of downloading the 1.5MB file on each run. I have mine set to run every hour now. If no update is required the checking takes less then 15 seconds.
- Unzips and copies virsig.dat and avengine.nlm to the correct locations for NetMail's use.
- Updates a text file with the current signature number.
- Logs everything it does into inocup.log in SYS:\etc
This program only updates the engine(Avengine.nlm) and the virsig.dat that NetMail requires for virus scanning. I don't run the full file scanning on our mail server so I don't install the full signature package. The inocup.bas could be modified to do it though.
You also need to have the new version of NSN installed on the server.
A older version is installed by default on 5.1 and 6.0 but the version at http://developer.novell.com/ndk/nscript.htm was updated May 2002 and is what I used to compile the NLM.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com