How to ignore malformed containers when scanning a file with the Symantec Scan Engine Command Line Scanner (SSECLS)

Article:HOWTO40225  |  Created: 2011-01-14  |  Updated: 2011-01-14  |  Article URL http://www.symantec.com/docs/HOWTO40225
Article Type
How To



You are using Command Line Scanner (a command driven executable that is part of Symantec Scan Engine) to scan files and want to skip malformed containers.
The options available in the command line are limited.


In order for the Command Line Scanner to scan files, you need first of all to use the ICAP protocol.
This can only be set in the Graphical User Interface (GUI) of Symantec Scan Engine.

  1. Log on to Symantec Scan Engine, using the web based login page (if you are local on the scan engine machine the URL would be https://127.0.0.1:8004 )
  2. Go to Configuration on the left hand side
  3. Select Filtering in the middle column (if you can’t see the middle column, use the arrows to move the right hand field to the right hand side of the screen)
  4. Select ICAP (the scan policy on the Protocol page has no influence on the SSECLS action)
  5. Apply your changes.

 

To ignore malformed containers with the Command Line Scanner:

  1. Log on to Symantec Scan Engine, using the web based login page (if you are local on the scan engine machine the URL would be https://127.0.0.1:8004 )
  2. Go to Policies on the left hand side
  3. Select Filtering  in the middle column (if you can’t see the middle column, use the arrows to move the right hand field to the right hand side of the screen)
  4. Select the tab  Container Handling
  5. Under Malformed Container File Processing, uncheck the option for Block malformed containers
  6. Apply your changes

 

As a result malformed containers will be scanned by ssecls.exe but the result is ignored.

You may see the following lines when scanning such a malformed container: 

Files Excluded = 0
Files Scanned = 1
Directories Scanned = 1
Directories Excluded = 0
Files Skipped = 0
Files Scan Error = 0
Files Infected = 0
No error was found during the scan
 



Article URL http://www.symantec.com/docs/HOWTO40225


Terms of use for this information are found in Legal Notices