Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Kerio needs to get McAfee DATs out quicker
  •  
sedell

Messages: 1168
Karma: 1
Send a private message to this user
This is the second time that a virus has gotten through the mail server McAfee scanner. Again, upon checking into it, I find that there's already a DAT available to detect the virus. After manually updating the DAT on the mailserver, it detects the virus.

Kerio really needs to get these DATS out earlier than 12pm EST. Viruses spread way to fast to delay getting DATs out.

Scott
  •  
lebobo

Messages: 57

Karma: 0
Send a private message to this user
Yess ! You are right ! I use a small batch file that download last definitions of virus and uncompress it to McAfee folder of Kerio. It works very good with Windows 2003 Srv !

Here is my batch file, you have to put it into folder "C:\Program Files\Kerio\MailServer\mcafee"


echo open ftp.nai.com >SDATFtp.txt
echo anonymous>>SDATFtp.txt
echo bruno<_at_>e-pelzer.com>>SDATFtp.txt
echo cd pub >>SDATFtp.txt
echo cd datfiles >>SDATFtp.txt
echo cd french >>SDATFtp.txt
echo binary >>SDATFtp.txt
echo mget *.exe >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo y >>SDATFtp.txt
echo bye >>SDATFtp.txt


sleep 5
ftp -s:SDATFtp.txt
sleep 5
ren sdat*.exe SuperDAT.exe
net stop "Kerio MailServer"
sleep 5
SuperDAT.exe -e
sleep 30
net start "Kerio MailServer"
del sdat*.exe

  •  
sedell

Messages: 1168
Karma: 1
Send a private message to this user
That looks interesting, thanks. I'll have to add it to my list as yet another work around for something Kerio doesn't do properly.

Just curious... what time to you normally run it? These last two times I've had a virus get in, it appears the new DAT was available some time between 6am and 7am, but not updated on Kerio's server for auto update until about 12pm.

Scott
  •  
Jason

Messages: 12
Karma: 0
Send a private message to this user
Very Nice!

Minor changes for the US (make sure to replace <_at_>'s with "at" symbols):

REM This batch file updates the Network Associates (McAfee)
REM virus files

<_at_>echo off
if exist sdat*.exe del sdat*.exe
if exist SuperDAT.exe del SuperDAT.exe

echo open ftp.nai.com >SDATFtp.txt
echo anonymous>>SDATFtp.txt
echo joe<_at_>foo.com>>SDATFtp.txt
echo cd pub >>SDATFtp.txt
echo cd antivirus>>SDATFtp.txt
echo cd superdat>>SDATFtp.txt
echo cd intel>>SDATFtp.txt
echo binary >>SDATFtp.txt
echo mget sdat*.exe >>SDATFtp.txt
echo y >>SDATFtp.txt
echo bye >>SDATFtp.txt

ftp -s:SDATFtp.txt
if not exist sdat*.exe goto noUpdate
ren sdat*.exe SuperDAT.exe
net stop "Kerio MailServer"
SuperDAT.exe -e
net start "Kerio MailServer"
del SuperDAT.exe
goto bail

:noUpdate
echo No update is available

:bail
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
sedell wrote on Fri, 27 May 2005 17:12

That looks interesting, thanks. I'll have to add it to my list as yet another work around for something Kerio doesn't do properly.

Just curious... what time to you normally run it? These last two times I've had a virus get in, it appears the new DAT was available some time between 6am and 7am, but not updated on Kerio's server for auto update until about 12pm.


We're checking McAfee site for new updates every hour. New DAT files are usually released at 18:00 CEST (9am PDT).

Petr Dobry
Product Development Manager | Kerio
  •  
guig

Messages: 64
Karma: 0
Send a private message to this user
> Lebobo & Jason,

Thanks for this batch !

i've tested it but got an error "invalid command port" ...

I tried to change ftp rules in firewall, but same problem ...

an idea ?

thanks in advance

guig
  •  
Jason

Messages: 12
Karma: 0
Send a private message to this user
If you leave "echo on", can you specify which command you're seeing the error on?
  •  
guig

Messages: 64
Karma: 0
Send a private message to this user
Hi Jason,

here is the error :
"ftp> open ftp.nai.com
Connecté à ftp.nai.com.
220 DALDLFTP3 Microsoft FTP Service (Version 5.0).
Utilisateur (ftp.nai.com:(none)) :
331 Anonymous access allowed, send identity (e-mail name) as password.

230-You are connected to ftp.nai.com.Your use is subject to the terms and condit
ions in Legal.TXT and Usage.TXT files
230 Anonymous user logged in.
ftp> cd pub
250 CWD command successful.
ftp> cd antivirus
250 CWD command successful.
ftp> cd superdat
250 CWD command successful.
ftp> cd intel
250 CWD command successful.
ftp> binary
200 Type set to I.
ftp> mget sdat*.exe
Invalid PORT Command."

can you see what's the problem ?

thanks !
Previous Topic: TOO MANY OPEN FILE Errors
Next Topic: KMS 6.0.10: webmail openFolder error
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Nov 20 12:36:25 CET 2017

Total time taken to generate the page: 0.00495 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.