Anti-Virus Updates

Main problem:
How to get all the workstations updated with the latest anti-virus definitions using a simple batch file. This solution uses a few DOS utilities, a Windows workstation and Novell ZENworks or even just the Novell login script.

Reason for problem:
People will not download the definitions on their own.
Everyone would have to be given web access.
It is a waste of time for everyone to do it themselves.
We cannot take the chance of our organisation's emails going out with viruses.
We cannot rely on incoming emails being checked manually.
There is a chance of workstation downtime, lost productivity, etc.

Technical hurdles:
Automatically downloading the file from the Symantec website.
File name changes frequently so you cannot ask for the same name all the time.
Copying the file to all regions.
Getting the files onto the workstations.
Getting the files onto the workstations without user intervention.
Staying up to date with the latest anti-virus definitions.
Updating the workstations in a timely manner.

Solution:
The solution is in three parts.
1. A process that automatically runs several times a day.
2. The process downloads the file, irrespective of name, renames it, and copies it to all servers.
3. Definition copied onto all workstations without user intervention.

Detailed explanation:

1. Automatic process:
Using the AT command on a Windows workstation, we can run a batch file several times a day, every day of the week. The commands below can be copied into a file and saved as a batch file. It only needs to be run once, because the scheduled jobs recur every day. The AT command is set up like this:

************************* cut below here *************************
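rem Delete every existing AT job on this workstation without prompting
at /del /y
echo.
echo.
rem Schedule go.bat four times a day, every day of the week
at 02:00 /interactive /every:M,T,W,Th,F,S,Su cmd /c c:\navup\go.bat
at 08:30 /interactive /every:M,T,W,Th,F,S,Su cmd /c c:\navup\go.bat
at 14:00 /interactive /every:M,T,W,Th,F,S,Su cmd /c c:\navup\go.bat
at 20:30 /interactive /every:M,T,W,Th,F,S,Su cmd /c c:\navup\go.bat
echo.
echo.
rem List the scheduled jobs to confirm them
at
echo.
echo.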
************************* cut above here *************************

2a. Batch file:
Cut and paste this into a DOS based batch file.
Call it whatever you like. Currently it is called go.bat.

************************* cut below here *************************
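@echo off
cls
rem go.bat uses relative paths, so switch to its own directory first
cd /d c:\navup
rem Remove leftovers from the previous run
if exist c:\navup\download.bat del c:\navup\download.bat
if exist date del date
if exist date.txt del date.txt
if exist download.txt del download.txt
rem Start download.bat from an empty file, then append the url2file command and URL prefix
copy blank.txt download.bat
copy download.bat+start.txt download.bat
rem maketxt strips CR/LF and writes the result to download.txt
maketxt download.bat /c
copy download.txt download.bat
del download.txt
rem Write yesterday's date (mmdd) to "date", strip CR/LF into date.txt and append it
fdate /Fsub /N1 /Ommdd>date
maketxt date /c
copy download.bat+date.txt download.bat
maketxt download.bat /c
copy download.txt download.bat
del download.txt
rem Append the file name suffix, local file name and proxy switches
copy download.bat+end001.txt download.bat
maketxt download.bat /c
copy download.txt download.bat
rem Show the finished command line
type download.bat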

rem *** download file to server ***
echo.
echo.
echo Downloading file from Internet...
echo.
echo.
call download.bat
if errorlevel 1 goto error

rem *** copy to server or servers ***
echo Distributing files to other servers...
echo Copying file to YourServerName.
net use r: \\servername\volumename /user:<your login name here>
del r:\sarc-i32.exe
copy c:\navup\sarc-i32.exe r:\
net use r: /del

echo.
echo.
goto end

:error
echo.
echo.
echo There is currently no update.
echo.
echo.

:end
echo Process ended.
echo.
echo.
************************* cut above here *************************

2b. These files are included in this ZIP file, and are needed in the directory you are running the download.bat from.

Create a blank text file called blank.txt with no carriage return or line feed. (This is easily done in notepad.exe by not entering a carriage return at the end of the line).

Create a file called start.txt with the following included:
url2file http://securityresponse.symantec.com/avcenter/download/us-files/2002
with no carriage return or line feed.

Create a file called end.txt with the following included:
-001-i32.exe sarc-i32.exe -x YourProxyServerNameHere -y 8080

FDATE.EXE (included) from the Novell free tools site. Use this utility to get the current date. I use it with the subtract feature because Australia is ahead of the US in time zones, so we need to subtract a day from the date given by FDATE.EXE to get the current file from the US site.

MAKETXT.EXE (included) strips CR/LF from text files. Any other simple DOS utility that strips CR/LF from text files will also do. This is needed for the download.bat file to be made correctly on a Windows 2000 workstation. Different Windows platforms handle DOS batch file creation and appending a bit differently, so experiment on other platforms.

URL2file.EXE (included) - Great utility that can download a file from a website from within a DOS box.

3. Novell Login script or ZENworks
The updated file can easily be distributed out to the workstations via the Novell Login Script or via an Application object.

For Login Script:
Put the following in the container Login script to allow users to get the updated anti-virus file automatically upon login.
#sarc-i32.exe /q

For Application Object:
Path to executable file:
r:\sarc-i32.exe /q
Set other Application object options as you prefer.

4. Notes.
Symantec also changes their update file to have a number in the name, such as -001- or -002-. This number should reset to 001 each day on their website, as it identifies which version of the file it is for a given day. The download.bat file could be duplicated with end.txt files containing 002, 003, etc. to make sure you get the latest patch for the day. I don't think they would be updating the file more than a half dozen times a day. A daily update for the anti-virus should be sufficient for most organisations.

URL2file.EXE has switches to use proxy servers. Use -x and -y switches if you need to.
FDATE.EXE. Use Fdate /ff /ommdd for downloading the update in the US.
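
The revision numbering described in these notes, combined with the download step of go.bat, as an added example (not part of the original article or its ZIP file): it builds the URL in a variable, tries revisions 006 down to 001, and replaces sarc-i32.exe only if the download carries a valid Authenticode signature. PowerShell on the download workstation, the expected signer name "Symantec" and the temporary name new-i32.exe are assumptions; the URL, FDATE switches and url2file switches are the ones shown above.

```batch
@echo off
rem Added example: pick the newest revision of the day and verify it.
setlocal
cd /d c:\navup

rem URL prefix and proxy switches as given in start.txt and end.txt.
set BASE=http://securityresponse.symantec.com/avcenter/download/us-files/2002
set PROXY=-x YourProxyServerNameHere -y 8080

rem Capture FDATE's output (yesterday as mmdd) directly in a variable.
set MMDD=
for /f %%D in ('fdate /Fsub /N1 /Ommdd') do set MMDD=%%D
if not defined MMDD goto nodate

rem Try the highest revision first; stop at the first one that downloads.
set GOT=
for %%R in (006 005 004 003 002 001) do (
    if not defined GOT (
        if exist new-i32.exe del new-i32.exe
        url2file %BASE%%MMDD%-%%R-i32.exe new-i32.exe %PROXY%
        if not errorlevel 1 if exist new-i32.exe set GOT=%%R
    )
)
if not defined GOT goto noupdate

rem Assumptions: PowerShell is installed and the signer is Symantec.
rem A file with a missing, invalid or unexpected signature is not published.
powershell -NoProfile -Command "$s = Get-AuthenticodeSignature 'c:\navup\new-i32.exe'; if ($s.Status -ne 'Valid' -or $s.SignerCertificate.Subject -notmatch 'Symantec') { exit 1 }"
if errorlevel 1 goto badsig

rem Only a verified download replaces the file that go.bat copies to r:\.
move /y new-i32.exe sarc-i32.exe
echo Revision %GOT% for %MMDD% downloaded and verified.
goto end

:nodate
echo FDATE returned no date.
goto end
:noupdate
echo There is currently no update.
goto end
:badsig
del new-i32.exe
echo Signature check failed, file not published.
:end
endlocal
```

Because a failed check leaves the previous sarc-i32.exe in place, the login script or Application object keeps serving the last verified file.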
