Date: Fri, 26 Sep 2003 11:10:17 -0600 From: "Jan L. Peterson" <jlp@softhome.net> To: Chris Dillon <cdillon@wolves.k12.mo.us> Cc: Drew Derbyshire <avatar@2003-09.plus.kew.com> Subject: Re: I've had enough. I'm starting a DNS blackhole list. Message-ID: <20030926171017.1EA12C5386@aurora.peterson.ath.cx> In-Reply-To: Your message of "Fri, 26 Sep 2003 10:21:43 CDT." <20030926101923.G56428@duey.wolves.k12.mo.us> References: <8765jhg7eo.fsf@strauser.com> <004001c38302$c8589e50$84cba8c0@kendra> <20030925144634.R43401@duey.wolves.k12.mo.us> <20030926142107.2A327C5386@aurora.peterson.ath.cx> <20030926101923.G56428@duey.wolves.k12.mo.us>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multipart MIME message. --==_Exmh_21415240630 Content-Type: text/plain; charset=us-ascii > How are you finding out what they added? Does freshclam offer the > option of telling you? When you run freshclam, include an options like this: --on-update-execute=/path/to/freshclam.successful freshclam.successful is attached... you'll need to edit the e-mail address that it sends the update report to. Oddly, it tells me every day that some 200+ virus definitions were modified, but I can't see that they were. It hasn't bugged me enough to fix it, though. :-) Basically, it keeps the previous copy of the viruses.db and viruses.db2 files and diffs them. Hope this helps. -jan- -- Jan L. Peterson Semi-Unemployed "Computer Facilitator" http://www.peterson.ath.cx/~jlp/resume.html --==_Exmh_21415240630 Content-Type: text/plain ; name="freshclam.successful"; charset=us-ascii Content-Description: freshclam.successful Content-Disposition: attachment; filename="freshclam.successful" #! /usr/local/bin/perl %ENV = (); $ENV{'IFS'} = " \t"; $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin'; $update_mail_from = 'put_a_local_email_address_here@your.own.domain'; $update_mail_to = 'where_you_want_the_mail_sent@your.own.domain'; $clamdir = '/path/to/your/clamav'; # dir where your viruses.db{,2} are use Net::SMTP; use File::Copy; chdir('/usr/local/share/clamav'); foreach $tab ('viruses.db', 'viruses.db2') { &process($tab); } $mod = scalar(@mod); $new = scalar(@new); $rem = scalar(@rem); if ($mod + $new + $rem > 0) { $smtp = Net::SMTP->new('localhost'); $smtp->mail($update_mail_from); $smtp->to($update_mail_to); $smtp->data(); $smtp->datasend("From: $update_mail_from To: $update_mail_to Subject: freshclam success, $new new, $mod modified, $rem removed "); if ($new > 0) { $smtp->datasend("New Definitions:\n"); foreach $tag (sort @new) { $smtp->datasend(" $tag\n"); } $smtp->datasend("\n"); } if ($mod > 0) { $smtp->datasend("Modified Definitions:\n"); foreach $tag (sort @mod) { $smtp->datasend(" $tag\n"); } $smtp->datasend("\n"); } if ($rem > 0) { $smtp->datasend("Removed Definitions:\n"); foreach $tag (sort @rem) { $smtp->datasend(" $tag\n"); } $smtp->datasend("\n"); } $smtp->dataend(); $smtp->quit; } sub process { my($vtab) = @_; # load old virus data open(OLD, ${vtab} . '-'); while (<OLD>) { ($tag, $pat) = split(m/=/); $ov{$tag} = $pat; } close(OLD); # read new virus data open(NEW, $vtab); while (<NEW>) { ($tag, $pat) = split(m/=/); $nv{$tag}++; if (defined($ov{$tag})) { if ($ov{$tag} ne $pat) { push(@mod, $tag); } } else { push(@new, $tag); } } close(NEW); rename($vtab . '-', $vtab . '+'); copy($vtab, $vtab . '-'); foreach $tag (keys %ov) { if (!defined($nv{$tag})) { push(@rem, $tag); } } } --==_Exmh_21415240630--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030926171017.1EA12C5386>