What's New In The Latest Version of the VSTK
All versions of CyberSoft's VSTK Family of computer security toolkits fall under this umbrella - VSTK and VSTK/P all share the same basic tools; therefore, this version number applies to all the toolkits in CyberSoft's Vfind™ Security Toolkit line. Customers with current Maintenance and Support contracts are eligible to upgrade to the latest version for free.
Why upgrade to VSTK-179?
[1] A new example script is added under $VSTK_HOME/example_scripts directory. The script (uad_vfind_noscan.sh) is an upgraded version of existing uad_vfind.sh. It's especially useful for excluding specific mount point(s) recursively from scanning. Unlike the existing uad_vfind.sh script, the new script uses _config_noscan.sh instead of _config.sh. This script is also helpful if existing scripts (excluder.pl, noscans.sh) do not properly work on your specific shell environment.
[2] The issue regarding the "truncated hostname (or nodename)" during the LICENSE checking procedure is fixed. Before this update, some Centos (and a few Redhat) users met a weird situation that their hostname (or nodename) on the error-log message is truncated (with truncated length) when they use a wrong VSTK LICENSE which has a wrong hostname (or nodename) in it.
[3] The routines for the "SCAN/FILE-SHA1" SVSP command in VFind/VFind-mt are upgraded. With this upgrade, the routines for the "SCAN/FILE-SHA1 command" can share the data with scan-engines. Accordingly, re-opening the file for calculating its SHA1-hash is not necessary, and VFind/VFind-mt can get better performance through reducing the number of file I/O.
[4] The bug on --vexit option with vfindc (vfind client) was fixed, and its patch version is 1.1.4 (VFC). Before this patch, (with --vexit option) vfindc always returns 1 regardless of the scanning result. It should return 0 if no virus detected, and return 23 if virus is detected.
[5] The "MakingPlatformLog" function to generate a platform.log file in $VSTK_HOME is newly added to the install.sh. Using the file, users/CyberSoft engineers can easily trace the binary compatibility issue based on the platform installed.
[6] The ability of UAD to detect file-types was increased. With this upgrade, new version of UAD can detect following two new file-types; - HDF-5 (Hierarchical Data Format-Version 5) and - HDF-4 (Hierarchical Data Format-Version 4)/HDF-EOS file-type
[7] New SVSP command (SCAN/FILE-SHA1) is added to vfindd/vfindd-mt (daemon) module. With this new SVSP command, a client program can get the SHA1-hash value of the file scanned, and it's especially useful if the client program needs to check the integrity of file(s) after scanning.
[8] The "mergingFlag" and its related statements in vdlupdate script was commented out, because the flag MAYBE nessary ONLY for few old HP/UX users. If the flag is necessary, users can open the commented statements any time.
[9] Two new example scripts were added to the example script directory. - boot_CIT.sh This script shows how user can detect changes in boot secter using CIT - cit_uad_report_vfind.sh This script shows how user can generate UAD's output as a separated file when CIT, UAD, and Vfind are running under SmartScan protocol.
[10] -d (--dup-check) option for VFIND/VFINDD generates a "segmentation fault" error. It occurs only on VSTK-178 version which newly includes the md5-engine. The problem was fixed through updating vfindlib related to the new md5_engine.
