home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
The 640 MEG Shareware Studio 2
/
The 640 Meg Shareware Studio CD-ROM Volume II (Data Express)(1993).ISO
/
bbs
/
filefi09.zip
/
FILEF.DOC
< prev
next >
Wrap
Text File
|
1992-09-12
|
5KB
|
153 lines
"FILEFind" freeware (beta version)
Archive name FILEFI* (because another soft is called FILEF)
Purpose :
Scanning of text files containing names/description of files ("filelists")
May search :
- Hacks, virus, trojans ... (by their names, as mentionned in conferences
and reports)
- New releases of softs
- Probable members of a "twit list"
...
Quick test :
- Copy FILEF.EXE and FILEF.DAT in the directory containing your filelist(s)
- Invoke FILEF (use a MORE pipe if possible)
Commands :
FILEF
or
FILEF | MORE
or FILEF > FILEF.REP
To use it :
- Create a file containing the desired names
One name/line, followed by a comma ',', and then a brief description
(rest of the line)
See the example FILEF.DAT (it's not only an example : it contains the
patterns of the nasty files described in the HACK REPORT 0592, dated May
(thanx to the authors))
FILEF uses (among others home-made routines) a PD source from Stan Adermann
(SMATCH.C) in order to process "smarts" wild cards.
Example : *fa*.* is correctly handled
- Invoke FILEF
Parameters :
D<directory of filelists>
default : current dir
All the files (remember : filelists only) in this directory will be scanned
F<name of description file>
default : FILEF.DAT
L<a figure, 1, 2 or 3 : detection level>
default : 2
Level 1 : pattern matching ("smart wildcards")
Level 2 : SOUNDEX (phonetic)
Level 3 : personal method, I'll improve it ! :-))
By default : Level 2
Please note that :
- the accurracy decreases with level of detection increases i.e. level 1
will select less files but also will made less mistakes than level 2
(while level 2 may detect more interesting files)
- all levels performs sub-levels controls also (i.e. level 2 encompasses
level 1)
E<name of a file containing extensions not to scan>
In the file : one extension per line, without periods
All files in filelists with one of these extensions will not be analyzed
Use it to avoid the useless analysis of .GIF, .MOD ... filenames
V
Verbose mode
Invoke FILEF with another parameter (?, for example) to request help
During run you may press a key to exit
Redirection (like FILEF > MYFILES) OK
Output format :
<a figure : detection level> <file name> - <pattern>
<File description (first line of filelist)>
<Comment, as noted in the file of patterns>
Example :
2 DDSK214C.ZIP - DDISK21 (line 508) :
168290 22-Oct-90 [000] More Disk Space !
DDISK214, COMMERCIAL Double Disk
Indicates a detection made by level 2 (first figure of first line)
File in filelist is DDSK214C.ZIP (line 508 in filelist)
Pattern (for example in FILEF.DAT) is "DDISK21"
The second line (168290 ...) reproduces the filelist first description line
The 3rd line indicates the comment attached to the pattern
- FILEF scans filelist-like formated files best, but may handle other
formats if each file name starts at the "significant" beginning (not
counting spaces ...) of the line and does not include illegal characters
(such as '>', '<', '+' ...)
Illegal lines are ignored.
- FILEF only furnish indications !
Please investigate when in doubt.
The original file FILEF.DAT contains patterns of some dangerous files and
associated warnings and infos
FILEF is far more efficient (but slow ...) if the filelist contains the
names of the archived files
Try (in your filelist dir.) :
DIR > LIST
PKUNZIP /V * >> LIST
ARJ /L * >> LIST
LHA /L >> LIST
...
and then invoke FILEF to analyze the file LIST (left alone in a directory)
FILEFind don't make any write attempt on files
It returns usable ERRORLEVELS
FILEFind does not "files dates" filtering because :
- dates format differs between countries
- hackers may, on some BBSes, upload post-dated files
- you may easyly filter it yourself (in a file produced by "FILEF > file")
Sysops may create small files in a reserved zone (no user access) named
like the dangerous ones in order to avoid dangerous uploads.
Do not compress (DIET, LZEXE, PKLITE ...) FILEF.EXE because it's protected
against modifications
On schedule :
Files descriptions analysis (at level 4)
Thesaurus
Author : Nat MAKAREVITCH
Started : 1992/APRIL/05
This version : 92/SEPTEMBER
Langage : C (compiled with Borland C++)
Contact : Temple Of Software BBS : +33 1 49837518 FRANCE
You like this soft?
So please help me !
- Upload here all sure and useful info (HACK REPORTS ...)
- Any comments/suggestions/bug reports are welcome
C U