Example Scripts
Examples Written in C/C++
makevdl.c - This C++ program demonstrates how one might write a program that creates VDL models from generic scan codes. This program has been compiled and tested on Microsoft Windows NT 4.0.
makevdl2.c - The ANSI C version of the previous example.
Examples of bash/bourne Scripts
The following three examples are for SUN MICROSYSTEMS SOLARIS 2.X based systems. You must use these examples if you are using that system because the "find" command does not reliably report simple files when using the "-type f" option. These scripts have been modified to insure VFind does not get caught reading an endless FIFO or dev file. You may need to modify these scripts depending upon your specific system installation. Scripts modified 03/26/2001
vfind_solaris.sh - This script runs VFind alone on a Sun Solaris 2.X system. Output is mailed to root.
vstkuad_solaris.sh - This script runs VFind with UAD on a Sun Solaris 2.X system. Output is mailed to root.
vstk_solaris.sh - This script runs VFind with CIT, UAD, Loop back Head and Loop back Tail on a Sun Solaris 2.X system. This is the recommended script for full production runs. Output is mailed to root.
csh Examples
runtest.csh - This script allows you to determine your VTN (VFind Throughputs Number) and can be used to speed up VFind on your system. Warning: This script has only been tested on Sun Microsystems Sparc Solaris 2.6. Read the program comments prior to operation.
uad.csh - This script makes it easier for users to run UAD for identifying and decomposing complex files.
vfchmod.csh - This script will isolate infected files by setting their permission bits to zero. WARNING: If the script changes permissions on system critical files, the system can become unstable.
vfmv.csh - This script will interactively move infected files to a quarantine directory. WARNING: moving system critical files can cause the system to become unstable.
vfrm.csh - This script will interactively delete infected files. WARNING: Deletion of system critical files can cause the system to become unstable.
vfstab.csh - This script will scan the file system by examining the contents of the /etc/exports table. We are not sure why one would want to do this, but it is a great example of how easily the VSTK can be customized for your specific needs.
Local System Examples
Examples bash/bourne Scripts
The following three examples are for SUN MICROSYSTEMS SOLARIS 2.X based systems. You must use these examples if you are using that system because the "find" command does not reliably report simple files when using the "-type f" option. These scripts have been modified to insure VFind does not get caught reading an endless FIFO or dev file. You may need to modify these scripts depending upon your specific system installation. Scripts modified 03/26/2001.
vstkuad_solaris.sh - This script runs VFind with UAD on a Sun Solaris 2.X system. Output is mailed to root.
vstk_solaris.sh - This script runs VFind with CIT, UAD, Loop back Head and Loop back Tail on a Sun Solaris 2.X system. This is the recommended script for full production runs. Output is mailed to root.
Generic Examples
vtape.sh - This script will use the VSTK to scan a multi-file tape for hostile content. For example: if you had a tape that contained more than one tar file, this script would continue scanning until it reached the end of information marker rather than the end of file marker at the end of each tar file.
boot.sh - Uses Bhead and VFind to scan the first few bytes of a disk.
cit.sh - Runs CIT by itself.
thd.sh - Runs THD by itself.
uad_vfind.sh - Runs UAD and VFind using SmartScan)
uad_vfind_lb.sh - Same as above except it also uses the loop back tools.
vstk.sh - Runs CIT, UAD, and VFind.
vstk_lb.sh - Runs CIT, UAD, VFind, and the loopback tools.
Examples csh Scripts
runtest.csh - This script allows you to determine your VTN (VFind Throughputs Number) and can be used to speed up VFind on your system. Warning: This script has only been tested on Sun Microsystems Sparc Solaris 2.6. Read the program comments prior to operation.
uad.csh - This script makes it easier for users to run UAD for identifying and decomposing complex files.
vfchmod.csh - This script will isolate infected files by setting their permission bits to zero. WARNING: If the script changes permissions on system critical files, the system can become unstable.
vfmv.csh - This script will interactively move infected files to a quarantine directory. WARNING: moving system critical files can cause the system to become unstable.
vfrm.csh - This script will interactively delete infected files. WARNING: Deletion of system critical files can cause the system to become unstable.
vfstab.csh - This script will scan the file system by examining the contents of the /etc/exports table. We are not sure why one would want to do this, but it is a great example of how easily the VSTK can be customized for your specific needs.
Management Examples
makevdl.c - This C++ program demonstrates how one might write a program that creates VDL models from generic scan codes. This program has been compiled and tested on Microsoft Windows NT 4.0.
makevdl2.c - The ANSI C version of the previous example.
Programmer Examples
Read the SmartScan White Paper
Examples of VFind daemon scripts
pipe1.txt - Text file explaining pipe1.sh and file1.sh scripts
pipe1.sh - Example script to startup VFind as a daemon process using named pipes.
file1.sh - Example script to process one file using VFind via pipes.
This is an update of older scripts from May 2002 which only started one VFind daemon and were unreliable on some systems. This version can start multiple VFind daemons, and is more robust. VFind-13.6.0 or later is required due to necessary use of the -i,--ignore-eof option. These scripts have been tested on Solaris and Debian/Linux.
README
pipe2.tar.Z - These are example scripts for using multiple VFind daemon processes run in the background using named pipes for input. For VFind-13.6.0
For use in your own C daemon code, uad_vfind_pipe() is a sample function which creates a uad|vfind pipeline using UNIX pipe file descriptors. It includes sample test programs demonstrating how to feed file names to the UAD input pipe and read results from the VFind output pipe.
uad_vfind_pipe.tar.Z
Examples for VFind Turbo
vfproxy.py - This Python program demonstrates how one might write a program that uses VFind Turbo to scan web site accesses.
Examples of VFind Daemon Scripts
pipe1.txt - Text file explaining pipe1.sh and file1.sh scripts
pipe1.sh - Example script to startup VFind as a daemon process using named pipes.
file1.sh - Example script to process one file using VFind via pipes.
Remote System Examples
Download Wget.sh.zip
Download GNU Wget Source
Wget Script Download
# Use wget and uad|vfind to download, scan, and save only infected files
#
# Usage: wget.sh [wget options] [URL ...]
#
# Example: wget.sh http://www.domain.net/
#
# Files will be downloaded to a www.domain.net subdirectory;
# wget and vfind results will be logged to www.domain.net.LOG;
# files not flagged as containing a virus will be removed;
# only files flagged as containing a virus will be saved.
#
###
##
# Please modify this script to suit your requirements before trying to use it.
# CyberSoft, Inc. is not responsible for any damage, be it physical or mental,
# caused or indirectly caused by this example script.
#
# Copyright (c) April 2003 by CyberSoft, Incorporated.
##
###
Test and Misc. Scripts to Enhance VFind
Wget Script Download
# Use wget and uad|vfind to download, scan, and save only infected files
#
# Usage: wget.sh [wget options] [URL ...]
#
# Example: wget.sh http://www.domain.net/
#
# Files will be downloaded to a www.domain.net subdirectory;
# wget and vfind results will be logged to www.domain.net.LOG;
# files not flagged as containing a virus will be removed;
# only files flagged as containing a virus will be saved.
#
###
##
# Please modify this script to suit your requirements before trying to use it.
# CyberSoft, Inc. is not responsible for any damage, be it physical or mental,
# caused or indirectly caused by this example script.
#
# Copyright (c) April 2003 by CyberSoft, Incorporated.
##
###
Back
