Anti-Malware Scripts

Created: 2010-07-13
Author: Dylan J. Sather
Contact: [email protected]

About/Credits

The Grinnell College Helpdesk has used scripts like these for years. Evan Case and C.M. Lubinski made a number of improvements; Dylan J. Sather rewrote the script almost entirely from scratch

These scripts fulfilled a very specific need for our helpdesk: we wanted to automate the retrieval and distribution of commonly-used Anti-Malware programs, reducing the time we spent downloading and installing the programs on individual user computers

These scripts currently run on Linux only. For us, this was ideal; for many normal users and Helpdesks, it's probably not. A big to-do is making these scripts portable. Slight tweaks will make it run on Mac OS X/BSD/*nix systems -- GNU sed and GNU dd, for instance, vary slightly from their BSD equivalents. Such variation breaks the scripts.

These scripts are licensed under the GNU GPL. You should have received a copy of the GPL along with this program. If not, see http://www.gnu.org/licenses/

Files

There are two sets of files: the initial set of scripts to run, and the Anti-Malware files/logs generated in the $DOWNLOAD_DIR, defined in downloadTools.sh

• scripts : .antiMalwareFiles, .sedCommands, downloadTools.sh, moveUpdates.sh
• $DOWNLOAD_DIR/AntiMalware : [Anti-Malware files], download.log, error.history, error.log (temp file)

Scripts

downloadTools.sh

This script downloads the newest Anti-Malware files/definitions to a specified directory, $DOWNLOAD_DIR. Depending on the directory, you may need to run this script with root privileges

Most of the URLs from which we fetch the programs/definitions are defined in a hidden file, .antiMalwareFiles. wget reads the URLs from this file in succession and logs errors if anything goes awry. If you want to download any additional programs/updates, you should add them to .antiMalwareFiles

Furthermore, all errors are emailed to $EMAIL. You'll need to add your email address here if you'd like to receive error messages. These messages are also logged in $DOWNLOAD_DIR/AntiMalware/error.history . The servers are some mail providers will reject these poorly-formatted e-mails

moveUpdates.sh

At the Grinnell College Helpdesk, we had a number of flash drives whose sole purpose was to store Anti-Malware programs. Thus, we wanted to make sure we kept the most up-to-date software on these drives

This script takes the files we just downloaded with downloadTools.sh and moves them to all FAT32-formatted drives attached to the machine on which the script is run. It also fills the drive with arbitrary data from /dev/zero, effectively write-protecting the drive

Important notes

At the GC Helpdesk, we run downloadTools.sh on a central server and pull updates from another client machine with moveUpdates.sh (hence the downloads in moveUpdates.sh with cURL). Since the server functioned as a local (campus) mirror, it was ideal to have the software available for the general public for download, and subsequently pull the updates from that mirror onto a local machine to move to our flash drives

Point is, both scripts could easily be run from the same machine. Instead of cURLing the files in moveUpdates.sh, cp them from the specified $DOWNLOAD_DIR, instead

Issues

To view, update, or create a new issue, please check out the Github issues page:

https://github.com/satherdy/Anti-Malware-Scripts/issues

You can also contact Dylan directly

Contact

This set of scripts is currently maintained by Dylan J. Sather, who can be contacted at [email protected]. Suggestions and criticism are welcome