Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 34

Thread: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

  1. #21

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    Opps, I left out a function from the menu. Change --> 'z' to 'c'


    Code:
                                  if [[ "$3" == *'c'* ]]; then
                                       printf "Compress folder --> VirusFound.tar.gz\n"
                                       tar -zcvf "${User_Folder}/VirusFound.tar.gz" -C "${User_Folder}" VirusFound --remove-files
                                       chown -R "${User_Name}":users "${User_Folder}/VirusFound.tar.gz"
                                       chmod -R u=rwx,g=,o= "${User_Folder}/VirusFound.tar.gz"
                                  fi
    Fix the menu

    Code:
    Copy virus folder to user #
        p1: -cv or --copyvirusvault
        p1: -mv or --movevirusvault
        p2: l  list users
        p2: user number
        p3: c  compress folder

    The config file has been updated.

    Code:
    ______________________________scanvirus configuration______________________________
    Date[space]Time or Time[space]Date
    date +'%Y-%m-%d %I:%M:%S%P'
    DateTimeStamp= %Y-%m-%d %I:%M:%S%P
    ___________________________________________________________________________________
    ExcludedScanFolders= dev etc kdeinit5__0 proc tmp srv sys var .snapshots
    ___________________________________________________________________________________
    Bash Suspend Command
    1= 'systemctl suspend' - openSUSE, Ubuntu, Fedora, Arch, Debian, etc
    2= 'pm-suspend' - Void, Gentoo, Devuan etc - pm-utils power management suite
    SuspendCommand= 1
    ___________________________________________________________________________________
    Suspend or power-off lock screen - GNOME KDE
    LockScreenCommand= 0
    ___________________________________________________________________________________
    MSWIN scan - partition file system types
    ScanPartitionFileSystems= ntfs vfat
    ___________________________________________________________________________________

  2. #22
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    12,431
    Blog Entries
    2

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    Here's a long term (perhaps very long term) item maybe for your roadmap...
    There is of course a trend to run as much functionality as possible as kernel modules...
    Not only would that solve certain security issues (limited access by other processes) you might experience performance gains and perhaps be able to re-use code that already exists in the kernel (for example, I can imagine scanning a file system might be possible with functionality that's already part of the filesystem).
    The obvious downside is that AFAIK any kind of kernel code (likely beginning with a kernel loadable module which can be manually activated, loaded, removed, etc) would have to be written in C. But, let's say that today you've done a good job of modularizing your existing script code. If you can make use of filesystem functionality, maybe your original code would actually be very little, piecing the functionality together and not so much creating the functionality.

    In any case,
    loadable kernel modules can be surprisingly easy to write... There are a few YouTube videos (less than 15 minutes!) and various documentation that can give you the basics.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  3. #23

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    Quote Originally Posted by tsu2 View Post
    Here's a long term (perhaps very long term) item maybe for your roadmap...
    There is of course a trend to run as much functionality as possible as kernel modules...
    Not only would that solve certain security issues (limited access by other processes) you might experience performance gains and perhaps be able to re-use code that already exists in the kernel (for example, I can imagine scanning a file system might be possible with functionality that's already part of the filesystem).
    The obvious downside is that AFAIK any kind of kernel code (likely beginning with a kernel loadable module which can be manually activated, loaded, removed, etc) would have to be written in C. But, let's say that today you've done a good job of modularizing your existing script code. If you can make use of filesystem functionality, maybe your original code would actually be very little, piecing the functionality together and not so much creating the functionality.

    In any case,
    loadable kernel modules can be surprisingly easy to write... There are a few YouTube videos (less than 15 minutes!) and various documentation that can give you the basics.

    TSU
    Looking back, the original purpose was to fill in the gaps in functionality in clamscan. Simply put, adding level of features it lacked or simplify the functions. Noting the desktop apps that have a clamscan engine, you can't use them if your desktop is corrupt. No desktop, no problem! Even works on a server. Scan flash drives and your main system at the same time. All ideas are from my own needs. Not to mention, I use lots of free software. It's my chance to give back something.

    I've been trained in structured programing. Modular functions are part of my skill set, seeing that formal training.

    I know c programing, but with bash you don't need to that complex task of compiling code. Bash is slower, but it's copy and paste into /usr/bin/ (overwrite file yes) then it's ready to use.

    My code is so streamlined. You should notice almost no time before scans start. Many times, I ran a low-priority scan on slow laptop. The laptop scan was only as slow as the clamscan engine.

    Security, bash is already opensource. Anyone can open the text file. It's well commented and lots of white space formatting for readability.


    I might write in c later, just for speed. However, bash is easier to code. As of now, I still can't figure how to compile the clamscan code, "WARNING: Your ClamAV installation is OUTDATED!".

    Converting this monster size code to C will take a long time! For now, I want to compile the clamscan code. For another topic...






    Don't upload this anywhere! Official release will like have hidden fixes and upgrades. Only available for 1 day.

    Beta3 Test version:

    Scanlogs upgraded. Total scan time added. Code streamlining to follow. To scanlogs, possible fields ordering in config file.

    FYI: lock screen sometimes will block the suspend command.

    Ignore:
    ----------------------------------
    No such file or directory
    WARNING: : Can't access file
    -------------------------------------------
    Bash error on last line of code, random.



    READ ME! Config file has been changed. Erase old 'scanvirus.cfg', using 'scanvirus -vf'. Then do 'scanvirus -v', a quick way to do reinit. ( I use this method. )

    ______________________________scanvirus configuration______________________________
    Date[space]Time or Time[space]Date
    date +'%Y-%m-%d %I:%M:%S%P'
    DateTimeStamp= %Y-%m-%d %I:%M:%S%P
    ___________________________________________________________________________________
    ExcludedScanFolders= dev etc kdeinit5__0 proc tmp srv sys var .snapshots
    ___________________________________________________________________________________
    Bash Suspend Command
    1= 'systemctl suspend' - openSUSE, Ubuntu, Fedora, Arch, Debian, etc
    2= 'pm-suspend' - Void, Gentoo, Devuan etc - pm-utils power management suite
    SuspendCommand= 1
    ___________________________________________________________________________________
    Suspend or power-off lock screen - GNOME KDE
    LockScreenCommand= 0
    ___________________________________________________________________________________
    MSWIN scan - partition file system types
    ScanPartitionFileSystems= ntfs vfat
    ___________________________________________________________________________________



    https://paste.opensuse.org/d7b4a16a

  4. #24

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    scanvirus release beta test4

    Again, don't upload it anywhere! This does some fixes and upgrades. The next one should be final one, before the stable release. Available for one day only. Only 'virus' or 'clean' now. New additional cfg options. Not fully tested. Note any issues or bugs here.

    In-progress: i've been working on a configurable scanlog line, simular to printf.



    ______________________________scanvirus configuration______________________________
    date +'%Y-%m-%d %I:%M:%S%P'
    TimeStamp= %I:%M:%S%P
    DateStamp= %Y-%m-%d
    ______________________________________________________________________________
    ExcludedScanFolders= dev etc kdeinit5__0 proc tmp srv sys var .snapshots
    ___________________________________________________________________________________
    Bash Suspend Command
    1= 'systemctl suspend' - openSUSE, Ubuntu, Fedora, Arch, Debian, etc
    2= 'pm-suspend' - Void, Gentoo, Devuan etc - pm-utils power management suite
    SuspendCommand= 1
    ___________________________________________________________________________________
    Suspend or power-off lock screen - GNOME KDE
    LockScreenCommand= 0
    ___________________________________________________________________________________
    MSWIN scan - partition file system types
    ScanPartitionFileSystems= ntfs vfat
    ___________________________________________________________________________________
    List users group filter
    UserGroupFilter= users
    ___________________________________________________________________________________


    https://paste.opensuse.org/f259b19b

  5. #25

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    OPPS.... left out this fix.

    Code:
         if [[ "$VirusFoundFlag" -eq 0 ]];then
              VirusStatus="clean"
              #rm -r "${Current_Vault_Folder}"
         else
              VirusStatus="virus"
              mv "${Current_Vault_Folder}" /var/log/VirusVault/VirusFound
         fi
    Remove the #.

  6. #26

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    Extra info fix:

    Code:
                #scan for matching partition types in parms
                Found_Match=false
                #printf "%s\n" ${ScanPartitionFileSystems[@]}            
                for Scan_File_System in ${ScanPartitionFileSystems[@]};
                do
                    #printf "FS= '%s':parm= '%s'  " $File_System ${Scan_File_System[0]}
                    #if [ "$File_System" = "$Scan_File_System" ];then
                    #    printf "true\n"
                    #else
                    #    printf "false\n"
                    #fi
    
                    if [[ "$File_System" == *"$Scan_File_System"* ]];then
                        Found_Match=true
                    fi
                done

  7. #27

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    I'm almost ready to release betatest5. I may separate the background command from suspend and power-off. I need to run more tests as well.


    Code:
    ______________________________scanvirus configuration______________________________
    date +'%Y-%m-%d %I:%M:%S%P'
    TimeStamp= %I:%M:%S%P
    DateStamp= %Y-%m-%d
    ______________________________________________________________________________
    ExcludedScanFolders= dev etc kdeinit5__0 proc tmp srv sys var .snapshots
    ___________________________________________________________________________________
    Bash Suspend Command
    1= 'systemctl suspend' - openSUSE, Ubuntu, Fedora, Arch, Debian, etc
    2= 'pm-suspend' - Void, Gentoo, Devuan etc - pm-utils power management suite
    SuspendCommand= 1
    ___________________________________________________________________________________
    Suspend or power-off lock screen - GNOME KDE
    LockScreenCommand= 0
    ___________________________________________________________________________________
    MSWIN scan - partition file system types
    ScanPartitionFileSystems= ntfs vfat
    ___________________________________________________________________________________
    List users group filter
    UserGroupFilter= users
    ___________________________________________________________________________________
    Scan Log Format
    %o  OS Type
    %s  Virus Status
    %f  Scan Folder
    %n  Scan Time
    %c  Command Options
    %t  Time Stamp
    %d  Date Stamp
    
    ScanLogFormat= %o %s %f %n %c %t %d
    ___________________________________________________________________________________
    Code:
    Scan Virus
    help commands
    -------------
    virus scan linux files
        p1: -l or --linux
        p2: u   freshclam update      (optional)
        p2: l   low system priority   (optional)
        p2: h   high system priority  (optional)
        p2: s   suspend on end        (optional)
        p2: p   shutdown on end       (optional)
        p2: f   scan folder           (optional)
    
    virus scan windows files
        p1: -m or --mswin
        p2: c   copy infected files to vault     (optional)
        p2: m   move infected files to vault     (optional)
        p2: u   freshclam update                 (optional)
        p2: l   low system priority   (optional)
        p2: h   high system priority  (optional)
        p2: s   suspend on end        (optional)
        p2: p   shutdown on end       (optional)
    
    open virus vault - Desktop: KDE & GNOME
        p1: -vf or --viewfolder
    
    view logs
        p1: -vl or --viewlogs
        p2: l or m  mask by linux/mswin scans   (optional)
        p2: c or f  mask by clean or virus      (optional)
        p2: d       mask by date                (optional)  
        p3: year                                (optional)
        p4: month                               (optional)
        p5: day                                 (optional)
    
    view virus reports + virus files
        p1: -vr or --viewvirusreports
    
    view version information + configuration file
        p1: -v or --version
    
    Copy virus folder to user #
        p1: -cv or --copyvirusvault
        p1: -mv or --movevirusvault
        p2: l  list users
        p2: user number
        p3: c  compress folder 
      
    view help file
        p1: -h or --help

  8. #28

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    Betatest5 release available for one day.

    Don't upload anywhere. All the the bugs and design flaws should be removed. This last betatest before the stable v1.00 release.

    Note any bugs or other problems here.

    CFG UPDATED: delete old cfg or update new lines. Scanlogs and other functions will not work unless cfg is updated.

    Update: Partition log {} has been removed. I may put it back for the final release.


    https://paste.opensuse.org/51e0bcea

  9. #29

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    Bug fix: CV/CV brace misplaced on the chown line.

    Code:
                                  if [[ "$3" == *'c'* ]]; then
                                       printf "Compress folder --> VirusFound.tar.gz\n"
                                       tar -zcvf "${User_Folder}/VirusFound.tar.gz" -C "${User_Folder}" VirusFound --remove-files
                                       chown -R "${User_Name}:${UserGroupFilter}" "${User_Folder}/VirusFound.tar.gz"
                                       chmod -R u=rwx,g=,o= "${User_Folder}/VirusFound.tar.gz"
                                  fi

  10. #30

    Default Re: SCANVIRUS application layer for clamscan - alpha 8 - suggestion box

    I've done many tests on linux folders and a full scan. I've done quick tests on mswin scans. I will do doing be mswin full test, all night. If I keep it, the partition log{} will be in both mswin and linux scan logs.

    I'm doing heavy bug testing to ensure this stable v1.00 release has NO BUGS! This is reason for the delays.



    I'm starting a total conversion from bash to c code. It's going slowly, scanvirusbin. I'm almost done with the init code. I just need to write cfg file reader. The security will be much better.

Page 3 of 4 FirstFirst 1234 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •