Scripts Thread, Script Spy in Coding and Web Development; I'm still hacking away at my helpdesk project but in the meantime I've been working on another program - somewhat ...
22nd February 2008, 10:00 AM #1
I'm still hacking away at my helpdesk project but in the meantime I've been working on another program - somewhat like ANFS. Script Spy is a scanner for malicious scripts designed for use on medium/large networks. It features an efficient scanning engine and integration with ClamAV.
I'll be putting in a few niceties, such as the ability to find hidden scripts (eg. a .bat renamed to a .jpg), virus scanning of found scripts with ClamAV and automatic signature updates. Unlike my helpdesk, I'll have Beta quality code available in a couple of weeks time.
Last edited by bizzel; 9th March 2008 at 01:11 AM.
IDG Tech News
22nd February 2008, 10:12 AM #2
22nd February 2008, 10:26 AM #3
22nd February 2008, 12:06 PM #4
Looking forward to giving that a whirl, good job.
22nd February 2008, 12:52 PM #5
25th February 2008, 08:38 PM #6
Well I had a really quiet day at work (something that's happily becoming more common!) so I've been hacking away at the code. I've managed to almost double the speed of the scanning code and it's quite a lot more stable now. Using regular expression matching I've got the scanning engine hitting 4GB a second on a Pentium M 1.7 with 1GB RAM. That's also on a 4200rpm disk!
Obviously that will vary depending on the disk speed and whether you're scanning over the network as opposed to locally. Either way, I'm sure this is several times faster than using the built-in Windows search, not to mention that it scans for all specified filetypes in 1 run.
I've also optimised the threading so the GUI remains nicely responsive throughout. Hopefully I should have a working copy for you to try by the end of the week.
Last edited by bizzel; 9th March 2008 at 01:13 AM.
9th March 2008, 01:15 AM #7
Well the end of the week came and went and, like all programming deadlines, this one wasn't met. I've had a lot of difficulties with the scanning engine due to an interesting quirk of the .net framework when it comes to handling folder security.
I haven't given up though, the scanning is faster than ever. All that remains now is to squash a few bugs (I've already fixed a lot) and complete the front end. In order to make it as reliable as possible, I'm debugging it on a clone of my filesystem which I've deliberately corrupted. No deadlines this time, it's done when it's done.
Last edited by bizzel; 9th March 2008 at 02:28 PM.
By FN-GM in forum Web Development
Last Post: 1st September 2007, 05:57 PM
By starscream in forum Network and Classroom Management
Last Post: 3rd July 2007, 10:24 PM
Last Post: 11th March 2007, 09:42 PM
By SimpleSi in forum General Chat
Last Post: 19th December 2005, 10:28 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)