Checking a remote registry is something that indeed looks simple, but it's not, aspecialy if SA would be running as service and not as application....
Dirk Bulinckx. -----Original Message----- From: Servers Alive Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Jason Passow Sent: Wednesday, August 16, 2006 4:01 PM To: Servers Alive Discussion List Subject: Re: [SA-list] Anti-virus signature checker I understand it's a free add on and believe me when I say it is much appreciated, but it seems to me it would be fairly easy (and I am not a programmer) to check remote registry with readily available tools. For those that store the info in a file it would be even easier. Not saying it could wait until you have more time to work on it just adding to the wish list. Jason Passow Mississippi Welders Supply [EMAIL PROTECTED] ph: (507) 494-5178 fax: (507) 454-8104 "If you do everything right, nobody will realize you've done anything at all." Dirk Bulinckx wrote: > No that is not planned. > Remember this is a FREE add-on. > > > Dirk Bulinckx. > -----Original Message----- > From: Servers Alive Discussion List [mailto:[EMAIL PROTECTED] On > Behalf Of per ohlsson > Sent: Wednesday, August 16, 2006 3:36 PM > To: Servers Alive Discussion List > Subject: RE: [SA-list] Anti-virus signature checker > > Hello and thanks for this! > BUT.... > Are there any chance to check remote machines? Only check actual def > one time and after that some other Pc's > > Best regards > Per > > >>>> "Dirk Bulinckx" <[EMAIL PROTECTED]> 2006-08-16 11:50 >>> >>>> > Change was done. There is an option in the GUI, were you can say > "Local system must have AV product installed". If that is enabled > then it will give a down when the AV is not installed (the %e > parameter will include the version from the web), with this option > disabled (default) the %e parameter will only show the webserver > (without any other text). As for the McAfee version issue, that's > also fixed in build 7 which can be downloaded from http://beta.woodstone.nu/soft/setup_avcom.exe > (http://beta.woodstone.nu/soft/setup_avcom.exe) > > Dirk Bulinckx. > > ---------------------------------------------------------------------- > ------ > ---- > > From: Servers Alive Discussion List [mailto:[EMAIL PROTECTED] On > Behalf Of Dirk Bulinckx > Sent: Wednesday, August 16, 2006 11:26 AM > To: Servers Alive Discussion List > Subject: RE: [SA-list] Anti-virus signature checker > > > > People will also use it ,just to get the latest info. Maybe that I > should add an option in the GUI for it. That way the mesage (%e > parameter) can also be different. As for the version thing with > McAfee....I'll remove the first digit > from the web-version before doing the compare. > > Dirk Bulinckx. > > ---------------------------------------------------------------------- > ------ > ---- > > From: Servers Alive Discussion List [mailto:[EMAIL PROTECTED] On > Behalf Of [EMAIL PROTECTED] Sent: Wednesday, August 16, 2006 9:57 > AM > To: Servers Alive Discussion List > Subject: Re: [SA-list] Anti-virus signature checker > > > > *Very* cool Dirk. One immediate problem, when I try it with McAfee: it > finds version 4830 on the web, but version 830 on the machine (i.e. > it's losing the initial digit). > > What's the logic of giving an "up" if there's nothing in the registry? > I would have thought that nothing in the reg implies that AV isn't > installed, which would be a *bad* thing. > > Ian > > > > _________________________________ > Ian K Gray > OEL IS - European Infrastructure Support > Tel: +44 1236 502661 > Mob: +44 7881 518854 > > > > "Dirk Bulinckx" <[EMAIL PROTECTED]> Sent by: Servers Alive Discussion > List <[email protected]> > > 15/08/2006 17:50 Please respond to > Servers Alive Discussion List <[email protected]> To Servers Alive > Discussion List <[email protected]> cc Subject [SA-list] Anti-virus > signature checker > > > > > A while ago (June) there were some talks about a COM check that would > see if your anti-virus product was up-to-date or not. > > We have a little COM check that is already able to do a little. > * Aladin eSafe: > get the version number from the > internet (if they change the look of their website we have a problem) > > * Symantec AV: > get the version number from the > internet (if they change the look of their website we have a problem) > > > * CA eTrust (both for the VET and the Innoculate > engine) > get the version number from a TXT > file they have on the internet > > > * McAfee (NAI) > get the version number from an INI > file they have on the internet > compare that to the version that is > in the registry of the system running SA. > * versions are the > same gives an up > * versions are > different gives a down > * nothing in the > registry give an up too > > All of them (except for CA eTrust which uses FTP) are using the HTTP > protocol to get the info from the internet. This is via a direct > connection (NO proxy support!) > > > This is a FIRST version. We would like to extend the possibilities to > more AV products (internet part) and also the local part (get the > version numbers on the local system too). > So if you have info on were we can find the info (internet & local) > for a specific product, then please let us know so we can > extend/enhance this check. > > > You can download it from http://beta.woodstone.nu/soft/setup_avcom.exe > > > > > Dirk Bulinckx. > > To unsubscribe send a message with UNSUBSCRIBE as subject to > [email protected] If you use auto-responders (like out-of-the-office > messages), then make sure that they are not send to the list nor to > the individual members of the list that send a message. Doing this > will get you removed from the list. > > > > To unsubscribe send a message with UNSUBSCRIBE as subject to > [email protected] If you use auto-responders (like out-of-the-office > messages), then make sure that they are not send to the list nor to > the individual members of the list that send a message. Doing this > will get you removed from the list. > > To unsubscribe send a message with UNSUBSCRIBE as subject to > [email protected] If you use auto-responders (like out-of-the-office > messages), then make sure that they are not send to the list nor to > the individual members of the list that send a message. Doing this > will get you removed from the list. > > To unsubscribe send a message with UNSUBSCRIBE as subject to > [email protected] If you use auto-responders (like out-of-the-office > messages), then make sure that they are not send to the list nor to > the individual members of the list that send a message. Doing this > will get you removed from the list. > > To unsubscribe send a message with UNSUBSCRIBE as subject to > [email protected] If you use auto-responders (like out-of-the-office > messages), then make sure that they are not send to the list nor to > the individual members of the list that send a message. Doing this > will get you removed from the list. > > To unsubscribe send a message with UNSUBSCRIBE as subject to > [email protected] If you use auto-responders (like out-of-the-office messages), then make sure that they are not send to the list nor to the individual members of the list that send a message. Doing this will get you removed from the list. > > To unsubscribe send a message with UNSUBSCRIBE as subject to [email protected] If you use auto-responders (like out-of-the-office messages), then make sure that they are not send to the list nor to the individual members of the list that send a message. Doing this will get you removed from the list. To unsubscribe send a message with UNSUBSCRIBE as subject to [email protected] If you use auto-responders (like out-of-the-office messages), then make sure that they are not send to the list nor to the individual members of the list that send a message. Doing this will get you removed from the list.
