Symantec CmdLine support
Thomas DuVally
thomas_duvally at BROWN.EDU
Wed Jul 10 13:13:57 IST 2002
Ok, so I cut and pasted a few bits in the sweep.pl. The "my &Scanners
=" just seemed to be command line options. That took a little time
since I had to figure out how to get the scanner to print any good info.
I didn't understand what "InitParser," was for, but since it didn't seem
used by most scanners, i ignored it.
Now for the big one. "ProcessOutput". I don't think I understand this
part much. I did cut and pasted, but with only minimal success. I got
it to detect a virus (eicar test string), but it wouldn't clean it.
Also got errors to the console.
Is every line of output passed through this one at a time? I know what
lines are important in the output. Just two from what I figure:
Infected: /PATH/TO/FILE
Info: Virus name ( what was done to it )
The rest is status and info about none infected files (symlinks, time
taken, blah, blah)
On Tue, 2002-07-09 at 17:40, Jonothon Ortiz wrote:
> >> I REALLY want to figure this out. Would a discussion of how to
> parse a
> >>virus output be too much to ask for here? :)
>
> Yes <fleeeeeeeeeeeeeeeEEEEEEEEEEEE!> lol
>
> seriously, it sounds like a fun and educational idea...I know I would learn
> a bit from a discussion like this.
--
Tom DuVally
Lead Sys. Programmer
CIS, Brown University
p 401-863-9466
More information about the MailScanner
mailing list