sweep and Norton

Thomas DuVally thomas_duvally at BROWN.EDU
Mon Sep 23 20:01:01 IST 2002 

Nick,
        It sounds as if you guys are much too far along to bother with this is
this release.  It's an awful hack and would need a lot more work to make
it useful for anyone not willing to spend an hour tweaking it.  I've
made it work at my site.  That's all I know how to do at the moment, but
I am planning on making it a little more portable.  I just wanted to let
you and anyone else interested that it is possible.
        I'm going to try it with v4 soon, but after i get 3.22 in production
(couple weeks).

        Attached are the patch and a README file.

Thanks!

On Fri, 2002-09-20 at 03:09, Nick Phillips wrote:
>
> Yeah, why not, it certainly won't do any harm, and it might give one
> of us an idea or two... we've postponed modularising the scanning functions
> until the next major release so as to get this one (v4) out of the door
> in a reasonable time, so even if it's not practical to merge it all in
> now, we can bear it in mind then...
>
--
Tom DuVally
Lead Sys. Programmer
CIS, Brown University
p 401-863-9466
-------------- next part --------------
MailScanner sweep.pl patch
-----------------------------------------------
This patch is for MailScanner-3.22.14.  It gives MailScanner the
ability to use Symantecs Carrier Scan Server and Command Line
Scanner.

----------------------------------------------------------------------
Nortons Carrier Scan is a deamon based, network based scanning service.
Applications would send files over the network to be scanned and expect a
response.  Symantec also created a command line tool for Unix to access the service.

Changes made to sweep.pl to force compatibility with Norton/Symantec likely makes it
incompatible with other scanners.  

Explination of changes:

- Created hash for "symcmd"
        uses -i 1 level of output
        uses -l for local scanning - scanner now needs absolute path to directoy

- Created Parser
        created two global tmp variable for output
        does nothing, like most of the parsers seem to

- Created output processer
        included sample output
        looks for line beginning inf
        if "infected" store in tmp variable
        if "info: store in another tmp variable
        assign tmps to infected and report, respectively
        if report assigned, split path - this is hard coded to be root and four dirs.
        undef tmp variable for next output

- Make command call contain BaseDir
        needed for -l local scanning
-------------- next part --------------
A non-text attachment was scrubbed...
Name: norton-sweep.diff
Type: text/x-patch
Size: 5132 bytes
Desc: not available
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20020923/9aec717d/norton-sweep.bin

More information about the MailScanner mailing list