Antivirus engine check utility
From: Michel Gallant (MVP) (neutron@istar.ca)
Date: 11/01/02
- Next message: Gary Flynn: "Re: Port usage and associated process"
- Previous message: Michel Gallant (MVP): "Re: Port usage and associated process"
- Next in thread: Bill Sanderson: "Re: Antivirus engine check utility"
- Reply: Bill Sanderson: "Re: Antivirus engine check utility"
- Reply: Ned Flanders: "Re: Antivirus engine check utility"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 01 Nov 2002 13:12:16 -0500 From: "Michel Gallant (MVP)" <neutron@istar.ca>
I have developed a utility to proactively check if your antivirus engine
is actually working and that it is configured properly to scan all file types.
Don't rely on that icon-tray .... make SURE it actually is working!
Originally targetted at NAV, I have reduced the functionality to implement
an AV engine check from a digitally-signed web page to:
- attempt to write the standard EICAR virus string, as a text file, to the
local client and detect the AV engine response (the EICAR string is byte-wise
embedded in the signed Java applet)
- invoking the "cmd /K net share" command on NT, 2000 or "netwatch.exe" for Win9x
to easily allow any user to see their network shares (again for non-savy users)
Might be interesting to see if any firewalls/gateways are intelligent enough to pick up
the eicar string embedded this way :-)
Anyone wishing to try the utility, email me for the link.
- Michel Gallant
MVP Security
http://home.istar.ca/~neutron
- Next message: Gary Flynn: "Re: Port usage and associated process"
- Previous message: Michel Gallant (MVP): "Re: Port usage and associated process"
- Next in thread: Bill Sanderson: "Re: Antivirus engine check utility"
- Reply: Bill Sanderson: "Re: Antivirus engine check utility"
- Reply: Ned Flanders: "Re: Antivirus engine check utility"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
