Novell Home

Anti-Virus Updates

Novell Cool Solutions: Cool Tool

Digg This - Slashdot This

In Brief

NAV automatic download of new virus definitions.

Vitals

Product Categories:
  • Novell Client
  • ZENworks
  • Functional Categories:
  • Virus Protection
  • Posted:8 Oct 2002
    File Size:253KB
    License:Free
    Download:/coolsolutions/tools/downloads/nav.zip
    Publisher:Ben Donohue

    Disclaimer

    Please read the note from our friends in legal before using this file.


    Details

    Main problem:
    How to get all the workstations updated with the latest anti-virus definitions using a simple batch file. This solution uses a few DOS utilities, a Windows workstation and Novell ZENworks or even just the Novell login script.

    Reason for problem:
    People will not download the definitions on their own.
    Will have to give all people web access.
    Waste of time everyone doing it themselves.
    Cannot take chance of our organisations emails going out with viruses.
    Cannot take chance of incoming emails manually being checked.
    Chance of workstation downtime, lost productivity, etc.

    Technical hurdles:
    Automatically downloading the file from the Symantec website.
    File name changes frequently so you cannot ask for the same name all the time.
    Copying the file to all regions.
    Getting the files onto the workstations.
    Getting the files onto the workstations without user intervention.
    Staying up to date with the latest anti-virus definitions.
    Updating the workstations in a timely manner.

    Solution:
    The solution is in three parts.
    1. A process that automatically runs several times a day.
    2. The process downloads the file, irrespective of name, renames it, and copies it to all servers.
    3. Definition copied onto all workstations without user intervention.

    Detailed explanation:

    1. Automatic process:
    Using the AT command on a windows workstation we can get it to run a batch file several times a day and every day of the week. This can be copied into a file and saved as a batch file. It only needs to be run once as it is recurring every day. The AT command is setup like this:

    ************************* cut below here *************************
    at /del /y
    echo.
    echo.
    at 02:00 /interactive /every:M,T,W,Th,F,S,Su cmd /c c:\navup\go.bat
    at 08:30 /interactive /every:M,T,W,Th,F,S,Su cmd /c c:\navup\go.bat
    at 14:00 /interactive /every:M,T,W,Th,F,S,Su cmd /c c:\navup\go.bat
    at 20:30 /interactive /every:M,T,W,Th,F,S,Su cmd /c c:\navup\go.bat
    echo.
    echo.
    at
    echo.
    echo.
    ************************* cut above here *************************

    2a. Batch file:
    Cut and paste this into a DOS based batch file.
    Call it whatever you like. Currently it is called go.bat.

    ************************* cut below here *************************
    @echo off
    cls
    if exist c:\navup\download.bat del c:\navup\download.bat
    if exist date del date
    if exist date.txt del date.txt
    if exist download.txt del download.txt
    copy blank.txt download.bat
    copy download.bat+start.txt download.bat
    maketxt download.bat /c
    copy download.txt download.bat
    del download.txt
    fdate /Fsub /N1 /Ommdd>date
    maketxt date /c
    copy download.bat+date.txt download.bat
    maketxt download.bat /c
    copy download.txt download.bat
    del download.txt
    copy download.bat+end001.txt download.bat
    maketxt download.bat /c
    copy download.txt download.bat
    type download.bat

    rem *** download file to server ***
    echo.
    echo.
    echo Downloading file from Internet...
    echo.
    echo.
    call download.bat
    if errorlevel==1 goto error

    rem *** copy to server or servers ***
    echo Distributing files to other servers...
    echo Copying file to YourServerName.
    net use r: \\servername\volumename /user:<your login name here>
    del r:\ sarc-i32.exe
    copy c:\navup\sarc-i32.exe r:\
    net use r: /del

    echo.
    echo.
    goto end

    :error
    echo.
    echo.
    echo There is currently no update.
    echo.
    echo.

    :end
    echo Process ended.
    echo.
    echo.
    ************************* cut above here *************************

    2b. These files are included in this ZIP file, and are needed in the directory you are running the download.bat from.

    Create a blank text file called blank.txt with no carriage return or line feed. (This is easily done in notepad.exe by not entering a carriage return at the end of the line).

    Create a file called start.txt with the following included:
    url2file http://securityresponse.symantec.com/avcenter/download/us-files/2002
    with no carriage return or line feed.

    Create a file called end.txt with the following included:
    -001-i32.exe sarc-i32.exe -x YourProxyServerNameHere -y 8080

    FDATE.EXE (included) from the Novell free tools site. Use this utility to get the current date. I use it with the subtract feature because Australia is ahead of the US in time zones so we need to delete a day from the date given by FDATE.EXE to get the current file from the US site.

    MAKETXT.EXE (included) for stripping out CR/LF from text files. This or any other simple DOS utility that strips CR/LF from text files. This is needed for the download.bat file to be correctly made on a Windows 2000 workstation. Different windows platforms handle DOS batch file creation and appending a bit differently so experiment with other platforms.

    URL2file.EXE (included) - Great utility that can download a file from a website from within a DOS box.

    3. Novell Login script or ZENworks
    The updated file can easily be distributed out the workstations via the Novell Login Script or via an Application object.

    For Login Script:
    Put the following in the container Login script to allow users to get the updated anti-virus file automatically upon login.
    #sarc-i32.exe /q

    For Application Object:
    Path to executable file:
    r:\sarc-i32.exe /q
    Set other Application object options as you prefer.

    4. Notes.
    Symantec also changes their update file to have a number in the name such as -001- or -002- etc. This number should reset to 001 each day on their website as it tells which version of the file for a given day. The download.bat file could be duplicated with end.txt files with 002, 003, etc to make sure you got the latest patch for the day. I don't think they would be updating the file more than a half dozen times a day. A daily update for the anti-virus should be sufficient for most organisations.

    URL2file.EXE has switches to use proxy servers. Use -x and -y switches if you need to.
    FDATE.EXE. Use Fdate /ff /ommdd for downloading the update in the US.

    Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

    © 2014 Novell