Endpoint Protection

  • 1.  Download mode for Symantec FTP site

    Posted Jun 03, 2010 03:26 AM
    Dear all,

    I am now trying to write a script or program to automatically download the needed Intelligent Updater for the Endpoint Protection client. However, I want to know:

    1. Is there any push mode I can use? That is, instead of having the program check the FTP site for a new release at a certain interval, is there any way to subscribe to the new release event and create an event handler for the event?

    2. If I am using the pull mode (that is, having my script query the server at a certain interval), is there any file that indicates there is a new release and the file name for it? Or do I have to have the program query the server for the newly released files and decide whether to download them or not based on the naming convention?

    Thanks in advance

    Cell


  • 2.  RE: Download mode for Symantec FTP site
    Best Answer

    Posted Jun 03, 2010 04:27 AM


    1. Is there any push mode I can use? That is, instead of having the program check the FTP site for a new release at a certain interval, is there any way to subscribe to the new release event and create an event handler for the event?
    -- I don't think there is such a way possible.

    2. If I am using the pull mode (that is, having my script query the server at a certain interval), is there any file that indicates there is a new release and the file name for it? Or do I have to have the program query the server for the newly released files and decide whether to download them or not based on the naming convention?

    -- Yes, there is a naming convention.

    The first part of the file mentions the date, the second part has the revision no., and the next part gives information about the platform (32 bit or 64 bit).


    20100602-034-v5i32.exe

    20100602   (date: 2 June 2010)
    -034-      (Rev 34) (For 32 bit machine)
    v5i32.exe  (For 32 bit machine)
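
The naming convention described in the answer above can drive the pull mode directly. The following is an added example, not code from the thread or from Symantec: it parses names of the form `20100602-034-v5i32.exe`, rejects anything malformed, and picks the newest file for one platform. The three-digit revision width and the `v5i64` token for 64-bit are assumptions; the listing is constructed sample data.

```python
import re
from datetime import date

# <YYYYMMDD>-<revision>-<platform token>.exe, e.g. 20100602-034-v5i32.exe
# Assumption: the revision is always three digits, as in the thread's example.
IU_NAME = re.compile(r"(\d{4})(\d{2})(\d{2})-(\d{3})-(v5i32|v5i64)\.exe")

# v5i32 comes from the thread; v5i64 as the 64-bit token is an assumption.
PLATFORM_BITS = {"v5i32": 32, "v5i64": 64}


def parse_iu_name(name):
    """Return (date, revision, bits) for a well-formed name, else None."""
    m = IU_NAME.fullmatch(name)
    if not m:
        return None
    try:
        day = date(int(m.group(1)), int(m.group(2)), int(m.group(3)))
    except ValueError:              # eight digits that are not a calendar date
        return None
    return day, int(m.group(4)), PLATFORM_BITS[m.group(5)]


def newest_for(names, bits):
    """Pick the newest file name for one platform, ignoring everything else."""
    best = None
    for name in names:
        parsed = parse_iu_name(name)
        if parsed is None or parsed[2] != bits:
            continue
        key = (parsed[0], parsed[1])    # later date wins, then higher revision
        if best is None or key > best[0]:
            best = (key, name)
    return best[1] if best else None


def should_download(names, bits, last_downloaded):
    """Return the name to fetch, or None when the newest one is already local."""
    newest = newest_for(names, bits)
    return newest if newest and newest != last_downloaded else None


# Constructed directory listing (names only), not real server output.
SAMPLE = [
    "20100601-035-v5i32.exe", "20100602-002-v5i32.exe", "20100602-034-v5i32.exe",
    "20100602-034-v5i64.exe", "20100602-034-v5i32.exe.tmp",
    "20101345-001-v5i32.exe", "readme.txt",
]

if __name__ == "__main__":
    print(newest_for(SAMPLE, 32))
    print(should_download(SAMPLE, 32, "20100602-034-v5i32.exe"))
```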


  • 3.  RE: Download mode for Symantec FTP site

    Posted Jun 03, 2010 04:42 AM

    Use this document
    How to automatically update Symantec AntiVirus Corporate Edition definitions without using LiveUpdate
    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2002091816510548
    You need to modify the script for what you want to download.



  • 4.  RE: Download mode for Symantec FTP site

    Posted Jun 03, 2010 09:08 AM

    You can use wget to achieve the task for you.


    I have made an AutoIt script which does the same. Attaching those files; please feel free to share more ideas. This works with a direct internet connection. You need to modify it for proxy usage.


    • auto updater.zip



  • 5.  RE: Download mode for Symantec FTP site

    Posted Jun 03, 2010 01:39 PM

    Here is the script to pull the JDB to update. Remember, if you are updating via JDB or Intelligent Updater, you will only be updating the antivirus and antispyware definitions, since proactive threat and network threat need an internet connection to update.

     

    To use the JDBdown.cmd script to update a Symantec Endpoint Protection Manager installation

    1. Save the script to a folder on the hard drive.

    2. Open the script in a text editor such as Notepad.exe.

    3. Change the @set COPY_JDB_TO line to point to the correct folder for your installation of Symantec Endpoint Protection Manager. For example:

         @set COPY_JDB_TO="C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming"

    4. Set the line @set RAPIDRELEASE=0 to =1 if you want to use Rapid Release definitions. These are released hourly, but are not passed by a full quality analysis process. Do not use Rapid Release definitions unless there is a critical need for the newest definitions.

    5. If you want the script to run unattended, use the Windows Task Scheduler to schedule it.

     

     

    To use the JDBdown.cmd script to update a managed Symantec Endpoint Protection Client installation

    1. Verify / Enable the Third-Party distribution for the Client: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007092721070448

    2. Save the script to a folder on the hard drive.

    3. Open the script in a text editor such as Notepad.exe.

    4. Change the @set COPY_JDB_TO line to point to the correct folder for your installation of Symantec Endpoint Protection Client. For example:

         @set COPY_JDB_TO="C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\inbox"

    5. Set the line @set RAPIDRELEASE=0 to =1 if you want to use Rapid Release definitions. These are released hourly, but are not passed by a full quality analysis process. Do not use Rapid Release definitions unless there is a critical need for the newest definitions.

    6. If you want the script to run unattended, use the Windows Task Scheduler to schedule it.

     

     

    To use the JDBdown.cmd script to update an unmanaged Symantec Endpoint Protection Client installation

    1. If you installed unmanaged clients from the installation CD, the clients do not trust and do not process content or policy updates for security purposes. To enable these clients to process updates, you have to create the following registry key: HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\TPMState

       Set the value to hexadecimal 80 so that the key looks like 0x00000080 (128)

    2. Restart the machine and the following directory appears on the client computers that do not run Windows Vista: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\inbox

    3. Open the script in a text editor such as Notepad.exe.

    4. Change the @set COPY_JDB_TO line to point to the correct folder for your installation of Symantec Endpoint Protection Manager. For example:

         @set COPY_JDB_TO="C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\inbox"

    5. Set the line @set RAPIDRELEASE=0 to =1 if you want to use Rapid Release definitions. These are released hourly, but are not passed by a full quality analysis process. Do not use Rapid Release definitions unless there is a critical need for the newest definitions.

    6. If you want the script to run unattended, use the Windows Task Scheduler to schedule it.

     

    @set COPY_JDB_TO="C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming"
    @set RAPIDRELEASE=0
    @set JDBTEMP=%temp%

    @rem ==============================================================================================
    @rem Set RAPIDRELEASE=1 to download rapidrelease definitions, RAPIDRELEASE=0 for fully QA'd definitions (standard).
    @rem Change COPY_JDB_TO= to point to the SAV CE server directory (or where you want the XDB file copied)
    @rem   you can also run the script directly from the SAV folder and it will copy the definitions there.
    @rem JDBTEMP is the temp folder the script will use while downloading definitions, set to %temp% to use system default
    @rem ==============================================================================================
    @rem  Script for downloading virus definition updates for
    @rem  Symantec Antivirus Corporate Edition version 8.x and 9.x
    @rem  This unsupported utility is provided for your convenience only.
    @rem  Symantec Technical Support cannot provide support for the creation,
    @rem  use, or troubleshooting of Windows scripts.

    @rem ==============================================================================================
    @echo off

    rem   ========= check that OS is win2k or better ============
    if not "%OS%" == "Windows_NT" goto BADOS
    if "%APPDATA%" == "" goto BADOS

    rem   ========= make sure to be in script directory ============
    rem   (%CD% is quoted so that "move" still works when the path contains spaces)
    if exist rtvscan.exe set COPY_JDB_TO="%CD%"
    for %%i in (%0) do @%%~di
    for %%i in (%0) do @cd %%~pi
    if exist rtvscan.exe set COPY_JDB_TO="%CD%"

    rem   =========== get name/size of last file from "jdbdown.lastfile" ============
    if not exist jdbdown.lastfile goto NOLAST
    for /f "tokens=1" %%f in (jdbdown.lastfile) do set lastfile=%%f
    for /f "tokens=2" %%f in (jdbdown.lastfile) do set lastsize=%%f
    :NOLAST

    rem   ========= jump to temp dir ============
    if not exist "%JDBTEMP%\jdbtmp" md "%JDBTEMP%\jdbtmp"
    if exist "%JDBTEMP%\jdbtmp\*.jdb" del "%JDBTEMP%\jdbtmp\*.jdb"
    pushd "%JDBTEMP%\jdbtmp"

    rem   =========== make ftp script for checking jdb directory on ftp ===========
    echo open ftp.symantec.com> check.txt
    echo anonymous>> check.txt
    echo email@address.com>> check.txt
    set jdbfolder=jdb
    if "%RAPIDRELEASE%" == "1" set jdbfolder=rapidrelease
    echo cd AVDEFS/norton_antivirus/%jdbfolder%>> check.txt
    echo dir *.jdb chk.lst>> check.txt
    echo bye>> check.txt

    rem   =========== get filename and size from ftp ============
    if exist chk.lst del chk.lst
    ftp -s:check.txt
    if not exist chk.lst goto ERROR
    for /f "tokens=9" %%f in (chk.lst) do set jdbfile=%%f
    for /f "tokens=5" %%f in (chk.lst) do set jdbsize=%%f
    if "%jdbfile%" == "" goto ERROR
    if "%jdbsize%" == "" goto ERROR

    rem   =========== compare ftp name/size to local ============
    if not "%jdbfile%" == "%lastfile%" goto DOWNLOAD
    if not "%jdbsize%" == "%lastsize%" goto DOWNLOAD
    popd
    echo.
    echo Already downloaded latest %jdbfolder% file: %jdbfile% - size %jdbsize%
    echo %date% %time%  Already downloaded latest %jdbfolder% file: %jdbfile% - size %jdbsize% >> JDBdown.log
    goto END

    :DOWNLOAD
    rem   ========= make ftp script for downloading new jdb file =========
    echo open ftp.symantec.com> down.txt
    echo anonymous>> down.txt
    echo email@address.com>> down.txt
    echo cd AVDEFS/norton_antivirus/%jdbfolder%>> down.txt
    echo bin>> down.txt
    echo hash>> down.txt
    echo get %jdbfile%>> down.txt
    echo bye>> down.txt

    rem   ============= download new file =================
    ftp -s:down.txt
    for %%i in (%jdbfile%) do @set newsize=%%~zi
    if not "%newsize%" == "%jdbsize%" goto ERROR
    move %jdbfile% %COPY_JDB_TO%
    if exist %jdbfile% goto ERRORMOVE
    popd
    echo.
    echo %jdbfile% %jdbsize% > jdbdown.lastfile
    echo Downloaded new %jdbfolder% file: %jdbfile% - size %jdbsize%
    echo %date% %time%  Downloaded new %jdbfolder% file: %jdbfile% - size %jdbsize% >> JDBdown.log
    goto END

    :ERROR
    popd
    echo.
    echo ERROR: problem downloading %jdbfolder% definition file. jdbfile=%jdbfile% jdbsize=%jdbsize% newsize=%newsize% (lastfile=%lastfile% lastsize=%lastsize%).
    echo %date% %time%  ERROR: problem downloading %jdbfolder% definition file. jdbfile=%jdbfile% jdbsize=%jdbsize% newsize=%newsize% (lastfile=%lastfile% lastsize=%lastsize%). >> JDBdown.log
    type "%JDBTEMP%\jdbtmp\chk.lst" >> JDBdown.log
    echo.  >> JDBdown.log
    goto END

    :ERRORMOVE
    popd
    echo.
    echo ERROR: problem moving definition file to SAV folder. COPY_JDB_TO=%COPY_JDB_TO%  newsize=%newsize% (lastfile=%lastfile% lastsize=%lastsize%).
    echo %date% %time%  ERROR: problem moving definition file to SAV folder. COPY_JDB_TO=%COPY_JDB_TO%  newsize=%newsize% (lastfile=%lastfile% lastsize=%lastsize%). >> JDBdown.log
    goto END

    :BADOS
    echo.
    echo ERROR: this script needs Windows 2000 or better.
    echo %date% %time%  ERROR: this script needs Windows 2000 or better. >> JDBdown.log
    goto END

    :END
    if exist "%JDBTEMP%\jdbtmp\check.txt" del "%JDBTEMP%\jdbtmp\check.txt"
    if exist "%JDBTEMP%\jdbtmp\down.txt" del "%JDBTEMP%\jdbtmp\down.txt"
    if exist "%JDBTEMP%\jdbtmp\chk.lst" del "%JDBTEMP%\jdbtmp\chk.lst"
    rd "%JDBTEMP%\jdbtmp"
    set COPY_JDB_TO=
    set RAPIDRELEASE=
    set lastsize=
    set lastfile=
    set newsize=
    set jdbsize=
    set jdbfile=
    set jdbfolder=
    set JDBTEMP=
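
The script above takes the file name and size straight from the FTP `dir` listing (fields 9 and 5), compares them with the `name size` record in jdbdown.lastfile, and checks only the byte count after download. The following added example, which is not part of the posted script or Symantec's code, reproduces that decision logic in Python and validates the server-supplied name and size before they are used. The allowed-name pattern is an assumption and the listing is constructed sample data.

```python
import re

# Assumption: a definitions file name is a plain name ending in .jdb with no
# path separators or shell metacharacters. The batch script uses the listed
# name unquoted in "get %jdbfile%" and "move %jdbfile% ...".
JDB_NAME = re.compile(r"[A-Za-z0-9_-]+\.jdb")
SIZE = re.compile(r"[0-9]+")


def last_listing_entry(listing):
    """Mirror the two for /f loops: field 9 = name, field 5 = size, last line wins."""
    entry = None
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 9:             # for /f skips lines without a 9th token
            continue
        name, size = fields[8], fields[4]
        if not JDB_NAME.fullmatch(name) or not SIZE.fullmatch(size):
            raise ValueError("unexpected listing line: %r" % line)
        entry = (name, int(size))
    if entry is None:
        raise ValueError("no .jdb entry in listing")
    return entry


def needs_download(entry, lastfile_text):
    """Compare against the 'name size' record kept in jdbdown.lastfile."""
    parts = lastfile_text.split()
    if len(parts) != 2 or not SIZE.fullmatch(parts[1]):
        return True                     # missing or damaged state: fetch again
    return entry != (parts[0], int(parts[1]))


def size_matches(data, entry):
    """The script's post-download check: byte count equals the listed size."""
    return len(data) == entry[1]


# Constructed Unix-style listing; file names and sizes are made up.
SAMPLE_LISTING = """\
-rw-r--r--   1 ftp  ftp  41234567 Jun 01 09:12 vd2f1a01.jdb
-rw-r--r--   1 ftp  ftp  41300012 Jun 02 09:10 vd2f1b02.jdb
"""

if __name__ == "__main__":
    latest = last_listing_entry(SAMPLE_LISTING)
    print(latest, needs_download(latest, "vd2f1a01.jdb 41234567 \n"))
```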