What’s New In The Latest Version of the VSTK
Two visual modules (visual-scan, visual-console server) were newly added to VSTK-180.
Visual-scan, users can perform scanning/integration-check under GUI (Graphic User Interface) environment without typing UNIX/Linux commands.
Currently, only following platforms in VSTK-180 can support the visual-scan module.
- debian31 32bit
- debian4 32bit
- debian5 64bit
- redhat5 32bit
- redhat5 64bit
- ubuntu8.04 32bit
- ubuntu10 32bit
Visual-console, users can easily setup a "central management system" to monitor many remote machines at the same time at one location through the server-client approach.
VSTK-180 includes only server part ("Visual-Console (Server)") which needs to be installed on a target machine to be monitored. To setup the entire "central management system" using the "visual-console", users need a "Visual-Console (Master node)" which is separately distributed. Please contact the CyberSoft sales team (sales@cyber.com) for more information about the Visual-Console (Master node)
Two obsolete scan-engines (emu_engine and Entry_engine) were dropped/disabled, and scan tools (vfind, vfind-mt, vfindd, vfindd-mt) in VSTK can provide faster scan-time with this optimization.
RTS (Real Time Scanning) module was newly added to VSTK-180. With RTS daemon (rts_daemon), the files in RTS watch-list ("rts_watch.list": list of directories need to be watched) can be monitored on a real-time basis automatically. More details of its usage is in "rtsd.txt" in VSTK-180.
Currently, only following platforms in VSTK-180 can support the RTS module.
- redhat5 (5.3) 64 bit
- redhat5 32 bit
- Debian5 64 bit
- Ubuntu8.04 32 bit
- Ubuntu10 32 bit
- Suse10 32 bit
Oracle’s redo (archive) log file-type information was added to UAD’s file-type DB, and UAD now can detect the "Oracle_Redo_Log" file type.
Client’s IP blocking routine (through whitelist) was implemented and added to vfindd/vfindd-mt. If un-authorized client’s IP which is not registered in server’s whitelist trys to connect to server, server blocks/refuses the connection and send a new SVSP(Simple Virus Scan Protocol) response ("DENIED").
According to the vfindd’s update, vfindc was also updated to manage the new SVSP response(DENIED). Before this update, vfindc would keep trying to re-connect a socket if a wrong response (other than READY) is received. Now, vfindc just gives up the reconnetion if the response from vfind-daemon is "DENIED".
The new SVSP command, SCAN/FILE-SHA1, in vfindd/vfindd-mt was upgraded to get more load-balance per CPU-core and better performace/speed through minimizing shared locks/mutexs. Instead, each thread creates a new space to keep its own sha1-hash value.
Android (mobile) .dex file-type information was added to UAD’s file-type DB, and UAD can detect the three versions of Android .dex file-type now.
The base URL to download new vdlset in vdlupdate script is changed from base="https://update.cybersoft.com/VDL/165" to base="https://update.cybersoft.com/VDL/180" This change is for our new myCybersoft.com site which is our new web-server, and it uses new and bigger DB for customers. The old base link will be supported for a while for the users who need to keep old VSTKs.
VSTK-180 starts using new LICENSE (type-10 format). To use VSTK-180 properly, CyberSoft strongly recommend users to re-generate a new LICENSE with ActKey. The ActKey will be displayed at the end of the VSTK installation procedure. Please note that users can generate the ActKey separately using the "actkeygen" module in VSTK. With the ActKey, users can generate the new Type-10 LICENSE through one of two ways below. - Generate the new (type-10) LICENSE on my.cybersoft.com or Contact Cybersoft sales team to get new LICENSE.
