Mailing List Archive

exiscan...need help with regexp for cmdline antivirus.
I'm trying to use Trend Micro's vscan program for use with
exiscan.. exiscan is working fine now.... and to test virus detection, I
sent eicar test virus through my email system.... It wasn't detected....

$scannerex="/etc/iscan/vscan";

%scannerflags = (
'mcafee' => '--noboot --unzip -r <DIRECTORY>',
'sophos' => '-all -archive -ss <DIRECTORY>',
'nod32' => '-heursafe -basedir=/usr/local/nod32/nod32 -all <DIRECTORY>',
'rav' => '-all -listall -mail -smart -unzip <DIRECTORY>',
'antivir' => '-v -z -allfiles -noboot -s -tmp <DIRECTORY>',
'custom' => '-a -c1 -c2 -nl -r -s -u -y20 -sd -r <DIRECTORY>'
);

%scannerregexp = (
'mcafee' => 'Found',
'sophos' => 'found',
'nod32' => ' - ',
'rav' => 'Infected: [1-9]',
'antivir' => 'VIRUS',
'custom' => '\*\*\* Found virus'
);

[peter@localhost peter]# /etc/iscan/vscan /home/shared/eicar.com
Virus Scanner v3.1, VSAPI v5.600-1011
Trend Micro Inc. 1996,1997
Pattern version 327
Pattern number 46759
/home/shared/eicar.com
*** Found virus Eicar_test_file in file /home/shared/eicar.com <= How do I make use of this for exiscan to know that a virus has been detected?

==============================
Directory:
Searched : 0
File:
Searched : 1
Scan : 1
Infected : 1
Infected : 1(Include files been compressed)
Time:
Start : 7/27/02 19:13:25
Stop : 7/27/02 19:13:25
Used : 00:00
Re: exiscan...need help with regexp for cmdline antivirus.
> I'm trying to use Trend Micro's vscan program for use with
> exiscan.. exiscan is working fine now.... and to test virus detection, I
> sent eicar test virus through my email system.... It wasn't detected....

Try finding a command line option to abbreviate the output a little
bit...you don't need the directory stats or the time...

You can probably use "Found" as the regexp for it.

-Sam
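
To check the patterns discussed in this thread against the vscan output from the original post, the following added example (not part of either message and not exiscan's own code) applies each %scannerregexp entry line by line. It assumes the regexp is matched case-sensitively anywhere in the scanner's output; the first_match helper and the clean-scan sample are constructed for illustration.

```perl
# Added example, not exiscan code. ASSUMPTION: the configured regexp is
# applied case-sensitively to each line of the scanner's output.
use strict;
use warnings;

# The %scannerregexp entries from the original post.
my %scannerregexp = (
    'mcafee'  => 'Found',
    'sophos'  => 'found',
    'nod32'   => ' - ',
    'rav'     => 'Infected: [1-9]',
    'antivir' => 'VIRUS',
    'custom'  => '\*\*\* Found virus',
);

# vscan output from the post, statistics trimmed to the "Infected" line.
my $infected = <<'EOT';
Virus Scanner v3.1, VSAPI v5.600-1011
Trend Micro Inc. 1996,1997
Pattern version 327
Pattern number 46759
/home/shared/eicar.com
*** Found virus Eicar_test_file in file /home/shared/eicar.com
Infected : 1
EOT

# Constructed sample of a clean scan (not taken from the thread).
my $clean = <<'EOT';
Virus Scanner v3.1, VSAPI v5.600-1011
/home/shared/clean.txt
Infected : 0
EOT

# Return the first output line the pattern matches, or undef if none does.
sub first_match {
    my ($pattern, $output) = @_;
    for my $line (split /\n/, $output) {
        return $line if $line =~ /$pattern/;
    }
    return;
}

for my $name (sort keys %scannerregexp) {
    for my $case (['infected', $infected], ['clean', $clean]) {
        my $hit = first_match($scannerregexp{$name}, $case->[1]);
        printf "%-8s %-9s %s\n", $name, $case->[0],
            defined $hit ? "MATCH: $hit" : "no match";
    }
}
```

On the infected sample only the 'mcafee' ('Found') and 'custom' patterns match; the 'rav' pattern misses because vscan prints "Infected : 1" with a space before the colon. If the chosen pattern matches here and infected mail is still delivered, the regexp is not what is failing.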