Endpoint Protection

  • 1.  How to script def updates?

    Posted Mar 16, 2010 04:03 AM
    I tried to search for this, but found too many to read... I am installing SEP 11.5 on an XP SP3 machine that will be used at a Kiosk with Windows Steady State. Steady State does not recognize SEP, although it does recognize other AV vendors. To update the defs, I can not use Live Update - I need to schedule a script to run to pull them down and install them. Is there such a thing already created, and if so, could you point me to where it is? Thank you for the help!


  • 2.  RE: How to script def updates?



  • 3.  RE: How to script def updates?

    Posted Apr 06, 2010 04:05 AM

    Thank you for the thought, but no, this didn't help. I did find a post "SEP11 and Windows SteadyState" that has a script and information that I think will help; I'm testing it now to see if it will do what I need. Thank you for the info!



  • 4.  RE: How to script def updates?
    Best Answer

    Posted Apr 06, 2010 06:34 AM
    The post copied below by ctosompoy WORKS. This is great!
    ctosompoy
    1 year 28 weeks ago

    Add the below text to SoftwareUpdates.XML above the statement "</softwareupdates>" at the bottom of the file. You can find this file in the XML directory for steadystate 2.5.

     

      <software
        id="SymantecEP11"
        name="Symantec Endpoint Protection 11"
        detectionPath="SOFTWARE\Symantec\InstalledApps"
        detectionName="SAV Install Directory"
        append="SescLU.exe"
        script="SCTSymantecEndpointUpdate.vbs"
        category="Anti-Virus"  />

     

     

    Then create this script file named "SCTSymantecEndpointUpdate.vbs" with the text below and save it in the scripts directory for steadystate. Restart your machine after doing this and you will see Endpoint listed as a security program in SteadyState.

     

    ' ~~~ Force variables to be declared
    ' ~~~
    Option Explicit

    ' ~~~
    ' ~~~ Turn on error handling
    ' ~~~
    On Error Resume Next

    ' ~~~
    ' ~~~ Declare global variables
    ' ~~~
    Dim sNortonPath, oShell, strComputer, oWMIService, ColProcesses

    ' ~~~ Create objects
    Set oShell = CreateObject("WScript.Shell")

    ' ~~~ Set application path
    sNortonPath = oshell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\LUALL.EXE\")

    '~~~ Download Virus Signature
    call oShell.Run("""" & sNortonPath & """" & " -s", 0, True)

    ' ~~~ Wait 5 minutes
    WScript.Sleep (300000)

     

     

     



  • 5.  RE: How to script def updates?

    Posted Apr 06, 2010 10:41 PM

    Once you have third party management configured, you can just grab the defs using a modified xdbdown script.
    Change the target directory to wherever you installed your SEP:

    Non-Vista
    C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\inbox

    Vista
    C:\Program Data\Symantec\Symantec Endpoint Protection\inbox\

    Change rapid release to 0 or 1 depending on which defs you want.

    You will need to allow ftp access to ftp.symantec.com.
    This can't be set to an IP address as ftp.symantec.com is hosted with Akamai and changes depending on the web farm it resolves to.

    Create a batch file from the following:

    @Set COPY_jdb_TO="C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\inbox"
    @set RAPIDRELEASE=0

    @set jdbTEMP=%temp%
    @rem ==============================================================================================
    @rem Set RAPIDRELEASE=1 to download rapidrelease definitions, RAPIDRELEASE=0 for fully QA'd definitions (standard).
    @rem Change COPY_jdb_TO= to point to the SEP server directory (or where you want the jdb file copied)
    @rem you can also run the script directly from the SEP incoming folder and it will copy the definitions there.
    @rem jdbTEMP is the temp folder the script will use while downloading definitions, set to %temp% to use system default
    @rem ==============================================================================================
    @rem Script for downloading virus and spyware definition updates for
    @rem Symantec Endpoint Protection version 11.xx
    @rem ==============================================================================================
    @echo off
    rem ========= check that OS is win2k or better ============
    rem if not "%OS%" == "Windows_NT" goto BADOS
    rem if "%APPDATA%" == "" goto BADOS
    rem ========= make sure to be in script directory ============
    rem quote %CD% so the later "move" still works when the folder name contains spaces
    if exist rtvscan.exe set COPY_jdb_TO="%CD%"
    for %%i in (%0) do @%%~di
    for %%i in (%0) do @cd %%~pi
    if exist rtvscan.exe set COPY_jdb_TO="%CD%"
    rem =========== get name/size of last file from "jdbdown.lastfile" ============
    if not exist jdbdown.lastfile goto NOLAST
    for /f "tokens=1" %%f in (jdbdown.lastfile) do set lastfile=%%f
    for /f "tokens=2" %%f in (jdbdown.lastfile) do set lastsize=%%f
    :NOLAST
    rem ========= jump to temp dir ============
    if not exist "%jdbTEMP%\jdbtmp" md "%jdbTEMP%\jdbtmp"
    if exist "%jdbTEMP%\jdbtmp\*.jdb" del "%jdbTEMP%\jdbtmp\*.jdb"
    pushd "%jdbTEMP%\jdbtmp"
    rem =========== make ftp script for checking jdb directory on ftp ===========
    echo open ftp.symantec.com> check.txt
    echo anonymous>> check.txt
    echo email@address.com>> check.txt
    set jdbfolder=jdb
    if "%RAPIDRELEASE%" == "1" set jdbfolder=rapidrelease
    echo cd /public/english_us_canada/antivirus_definitions/symantec_antivirus_corp/%jdbfolder%>> check.txt
    echo dir *.jdb chk.lst>> check.txt
    echo bye>> check.txt
    rem =========== get filename and size from ftp ============
    if exist chk.lst del chk.lst
    ftp -s:check.txt
    if not exist chk.lst goto ERROR
    for /f "tokens=9" %%f in (chk.lst) do set jdbfile=%%f
    for /f "tokens=5" %%f in (chk.lst) do set jdbsize=%%f
    if "%jdbfile%" == "" goto ERROR
    if "%jdbsize%" == "" goto ERROR
    rem =========== compare ftp name/size to local ============
    if not "%jdbfile%" == "%lastfile%" goto DOWNLOAD
    if not "%jdbsize%" == "%lastsize%" goto DOWNLOAD
    popd
    echo.
    echo Already downloaded latest %jdbfolder% file: %jdbfile% - size %jdbsize%
    echo %date% %time% Already downloaded latest %jdbfolder% file: %jdbfile% - size %jdbsize% >> jdbdown.log
    goto END
    :DOWNLOAD
    rem ========= make ftp script for downloading new jdb file =========
    echo open ftp.symantec.com> down.txt
    echo anonymous>> down.txt
    echo email@address.com>> down.txt
    echo cd public/english_us_canada/antivirus_definitions/norton_antivirus/%jdbfolder%>> down.txt
    echo bin>> down.txt
    echo hash>> down.txt
    echo get %jdbfile%>> down.txt
    echo bye>> down.txt
    rem ============= download new file =================
    ftp -s:down.txt
    for %%i in (%jdbfile%) do @set newsize=%%~zi
    if not "%newsize%" == "%jdbsize%" goto ERROR
    move %jdbfile% %COPY_jdb_TO%
    if exist %jdbfile% goto ERRORMOVE
    popd
    echo.
    echo %jdbfile% %jdbsize% > jdbdown.lastfile
    echo Downloaded new %jdbfolder% file: %jdbfile% - size %jdbsize%
    echo %date% %time% Downloaded new %jdbfolder% file: %jdbfile% - size %jdbsize% >> jdbdown.log
    goto END
    :ERROR
    popd
    echo.
    echo ERROR: problem downloading %jdbfolder% definition file. jdbfile=%jdbfile% jdbsize=%jdbsize% newsize=%newsize% (lastfile=%lastfile% lastsize=%lastsize%).
    echo %date% %time% ERROR: problem downloading %jdbfolder% definition file. jdbfile=%jdbfile% jdbsize=%jdbsize% newsize=%newsize% (lastfile=%lastfile% lastsize=%lastsize%). >> jdbdown.log
    type "%jdbTEMP%\jdbtmp\chk.lst" >> jdbdown.log
    echo. >> jdbdown.log
    goto END
    :ERRORMOVE
    popd
    echo.
    echo ERROR: problem moving definition file to SAV folder. COPY_jdb_TO=%COPY_jdb_TO% newsize=%newsize% (lastfile=%lastfile% lastsize=%lastsize%).
    echo %date% %time% ERROR: problem moving definition file to SAV folder. COPY_jdb_TO=%COPY_jdb_TO% newsize=%newsize% (lastfile=%lastfile% lastsize=%lastsize%). >> jdbdown.log
    goto END
    :BADOS
    echo.
    echo ERROR: this script needs Windows 2000 or better.
    echo %date% %time% ERROR: this script needs Windows 2000 or better. >> jdbdown.log
    goto END
    :END
    if exist "%jdbTEMP%\jdbtmp\check.txt" del "%jdbTEMP%\jdbtmp\check.txt"
    if exist "%jdbTEMP%\jdbtmp\down.txt" del "%jdbTEMP%\jdbtmp\down.txt"
    if exist "%jdbTEMP%\jdbtmp\chk.lst" del "%jdbTEMP%\jdbtmp\chk.lst"
    rd "%jdbTEMP%\jdbtmp"
    set COPY_jdb_TO=
    set RAPIDRELEASE=
    set lastsize=
    set lastfile=
    set newsize=
    set jdbsize=
    set jdbfile=
    set jdbfolder=
    set jdbtemp=
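
On an unattended kiosk the batch file above fails quietly: every outcome only lands in jdbdown.log. The following is an added example, not part of the original posts, that reads that log and flags a stalled updater. It assumes the US-English `%date% %time%` format, and the `summarize` function, sample file names and sizes are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# The three message shapes the batch file echoes into jdbdown.log.
# Assumption: US-English %date% %time%, e.g. "Thu 04/08/2010  9:05:01.12".
LINE = re.compile(
    r"(?P<d>\d{2}/\d{2}/\d{4})\s+(?P<t>\d{1,2}:\d{2}:\d{2})\S*\s+"
    r"(?P<kind>Downloaded new|Already downloaded latest|ERROR:)"
    r"(?:\s+\S+ file: (?P<file>\S+) - size (?P<size>\d+))?"
)

# Constructed sample log; file names and sizes are made up.
SAMPLE = """\
Tue 04/06/2010 22:41:03.12 Downloaded new jdb file: example1.jdb - size 1000
Wed 04/07/2010 22:41:02.90 Already downloaded latest jdb file: example1.jdb - size 1000
Thu 04/08/2010  9:05:01.12 ERROR: problem downloading jdb definition file. jdbfile=example2.jdb jdbsize=1200 newsize=800 (lastfile=example1.jdb lastsize=1000).
-rw-r--r--   1 ftp ftp 1200 Apr 08 08:12 example2.jdb
"""


def summarize(log_text, now, max_age=timedelta(days=2)):
    """Report updater health from jdbdown.log as of `now`."""
    last_file = last_ok = None
    trailing_errors = 0
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m:  # e.g. the chk.lst listing the ERROR branch appends
            continue
        ts = datetime.strptime(m["d"] + " " + m["t"], "%m/%d/%Y %H:%M:%S")
        if m["kind"] == "ERROR:":
            trailing_errors += 1
            continue
        trailing_errors = 0  # a successful check ends the error streak
        last_ok = ts
        if m["kind"] == "Downloaded new" and m["file"]:
            last_file = (m["file"], int(m["size"]))
    stale = last_ok is None or now - last_ok > max_age
    return {"last_file": last_file, "last_ok": last_ok,
            "trailing_errors": trailing_errors,
            "alert": stale or trailing_errors > 0}


if __name__ == "__main__":
    print(summarize(SAMPLE, datetime(2010, 4, 8, 12, 0, 0)))
```

The alert fires on any error after the last successful check, or when no successful check has been logged within `max_age`, so both a blocked FTP connection and a scheduled task that stopped running are caught.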