Re: [Declude.Virus] log file grepping
On 1 Dec 2004 at 15:26, Bill Landry wrote: Hi Bill - Total messages scanned for the day and the total number of viruses found for that day (not count of individual virus)? Correct.I have no interest in this case of an indv virus count. Just totals. That is what I want to feed to mrtg to get realtine graphs. As you probably are aware mrtg likes 2 values to graph so in this case I'm looking for total scanned vs virus found. [For total virus's I think it would have to be by individual scanner so could see how each AV program compares. An overall total would be helpful as well if possible.] -Nick Bill --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Advice on Antivirus for System Protection
Thanks Matt. __ Dean Lawrence, CIO/Partner Internet Data Technology 888.GET.IDT1 ext. 701 * fax: 888.438.4381 http://www.idatatech.com/ Corporate Internet Development and Marketing Specialists --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
[Declude.Virus] What's the IFrame vulnerability
Just wondering if someone can explain what the HTML / IFrame @ expl capture from f-prot is? is it a vulnerability or worse? thanks, bob --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Advice on Antivirus for System Protection
Thanks Matt. I dare say there are probably many like myself that you don't hear from much, but we read the postings and learn a lot from you regular posters. It is much appreciated. Bill Green dfn Systems - Original Message - From: Matt [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, December 01, 2004 11:25 AM Subject: Re: [Declude.Virus] Advice on Antivirus for System Protection I find Symantec Corporate Edition to be my server AV scanner of choice because it is easily configurable (primarily for exclusions), and has a nice feature that shows you exactly what is being scanned in real-time. It hardly costs anything, and they now also offer multi-year licenses. Make sure that you purchase over the Internet to save substantially. http://shopper-search.cnet.com/search?part=q=Symantec+Corporate+Edition+Server+9.0 Matt Bill Green dfn Systems wrote: We've been using Declude/F-Prot to protect our email users, and Symantec Corp. Ed. to protect the server it'self. Our Symantec is up for renewal and I was wondering what others are using that might be less expensive. Bill Green dfn Systems --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. -- = MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ = --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Advice on Antivirus for System Protection
Bill, Thanks a bunch for the kind words. Matt Bill Green dfn Systems wrote: Thanks Matt. I dare say there are probably many like myself that you don't hear from much, but we read the postings and learn a lot from you regular posters. It is much appreciated. Bill Green dfn Systems - Original Message - From: Matt [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, December 01, 2004 11:25 AM Subject: Re: [Declude.Virus] Advice on Antivirus for System Protection I find Symantec Corporate Edition to be my server AV scanner of choice because it is easily configurable (primarily for exclusions), and has a nice feature that shows you exactly what is being scanned in real-time. It hardly costs anything, and they now also offer multi-year licenses. Make sure that you purchase over the Internet to save substantially. http://shopper-search.cnet.com/search?part=q=Symantec+Corporate+Edition+Server+9.0 Matt Bill Green dfn Systems wrote: We've been using Declude/F-Prot to protect our email users, and Symantec Corp. Ed. to protect the server it'self. Our Symantec is up for renewal and I was wondering what others are using that might be less expensive. Bill Green dfn Systems --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. -- = MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ = --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. -- = MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ = --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] log file grepping
- Original Message -
From: Nick [EMAIL PROTECTED]
Total messages scanned for the day and the total number of viruses
found for that day (not count of individual virus)?
Correct.I have no interest in this case of an indv virus count. Just
totals. That is what I want to feed to mrtg to get realtine graphs.
As you probably are aware mrtg likes 2 values to graph so in this
case I'm looking for total scanned vs virus found. [For total virus's
I think it would have to be by individual scanner so could see how
each AV program compares. An overall total would be helpful as well
if possible.]
Well, here is a bit a trickery to make it a single liner:
egrep File\(|Scanned: (Virus|Error)|Skipping l:\virus\vir1201.log | gawk
{print $1,$4,$5,$6} | sed s/\/2004 / TOTAL\n/g | egrep File|TOTAL |
gawk {print $(NF-0)} | usort | uniq -c
Which will give you an output like:
735 INFECTED
37023 TOTAL
You will need to adjust the path info to you log files, and can manipulate
the output to your liking, but this should give you a starting point to work
with...
Bill
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.Virus.The archives can be found
at http://www.mail-archive.com.
Re: [Declude.Virus] log file grepping
On 2 Dec 2004 at 14:57, Bill Landry wrote:
Very kool. I really tried to do this and figured there was no way!
Thanks!
-Nick
Well, here is a bit a trickery to make it a single liner:
egrep File\(|Scanned: (Virus|Error)|Skipping l:\virus\vir1201.log |
gawk {print $1,$4,$5,$6} | sed s/\/2004 / TOTAL\n/g | egrep
File|TOTAL | gawk {print $(NF-0)} | usort | uniq -c
Which will give you an output like:
735 INFECTED
37023 TOTAL
You will need to adjust the path info to you log files, and can
manipulate the output to your liking, but this should give you a
starting point to work with...
Bill
---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.Virus.The archives can be found
at http://www.mail-archive.com.
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.Virus.The archives can be found
at http://www.mail-archive.com.
