home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
BBS Toolkit
/
BBS Toolkit.iso
/
qbbs
/
thdpro5.zip
/
THDPRO.DOC
< prev
next >
Wrap
Text File
|
1993-02-01
|
30KB
|
504 lines
THD ProScan Ver 5.0
First... Thank you for downloading this file.
Credits...
Thanks to all the sysops who, at various stages, helped in the
betatesting of this product. Many helped me to find "minor" inconsistencies
and fix them before you got to see it.
A VERY special thanks to "Witch Doctor" for his great assistance in
betatesting the first releases and making valuable suggestions about the
program.. Many of which were implemented, And of course some which were
not.. But all of his suggestions and comments were considered.
A special thanks as well to "Eternal Darkness" for his contribution of
the "user side ansi screen". He willingly gave me a number of "ansi" drawings
with permission to modify them as was necessary to suit my purpose. The ansi
your users see is only very slightly modified from the ansi I received and I
think he did an excellent job.
A thanks as well to David Luckie who reported the problem which Version
4 fixes. Without his inquiries the integrity of this program might have been
severely compromised.
And to Tim Strike for his assistance in relaying David's concerns and
replies so that I might be able to fix the problem.
Support for this tester can usually be found on TELENET CANADA.
Requests for support on TELENET CANADA should be directed to
David Muir. Inquiries about this tester can be made in TELENET
TELEGARD or BBS support areas. In the event that Dave is unable
to assist you directly, there are numerous people in TELENET
who are familiar enough with my program to offer some technical
assistance. Advice about configuring YOUR BBS program to run THD
ProScan would best be handled by someone familiar with that BBS
software. I am only familiar with Telegard and T.A.G. in respect
to having sufficient knowledge to offer technical assistance in
setting them up to run this tester. THD ProScan V5.0 is however,
generic and can be run by almost ANY BBS with the correct setup.
THD ProScan is an upload tester for ANY BBS which is capable of sending
a command line of the following format.
"C:\UTILS\THDPRO.EXE D:\NEWFILES\TEST.ZIP"
{Where "C:\UTILS\THDPRO.EXE" is the full path and filename to the THD ProScan
executable file and "D:\NEWFILES\TEST.ZIP" is the full path and filename to
the file to be tested}.
***************************** WARNING *****************************
Remote dos redirection must NOT be set to a comport or device other
than "CON" during the running of this upload tester. Failure to
pay attention "could" ( in some cases ) cause paths to be displayed
to a remote user. If necessary, run it from a batch file with the
first line "CTTY CON". This will not be necessary in MOST cases.
If when running the scanner you do not see the utilities performing
their functions, the output is being redirected to somewhere else.
************************* END OF WARNING **************************
******************************* WARNING *********************************
** This Version of THD ProScan is designed to recognize files **
** created by PKZIP 204c and PKZIP 204e. Therefore it requires that **
** your version of PKZIP be PKZIP 204e. **
** The use of any version prior to 204e WILL result in valid files **
** failing the CRC test. While it does still recognize and handle **
** version 1.10 files, it also recognizes the newer file formats. **
** Version 1.10 will NOT be able to handle the new formats and will **
** cause the files to fail testing. **
** This, of course, only applies to those of you who wish to test **
** "ZIP" type files. **
** If you are going to test "ZIP" files with this tester, then you **
** MUST use PKZIP 204e or risk failing files. **
***************************** END OF WARNING ******************************
Features..
- Identifies all archives by their internal signatures.
- Including self extracting archives.
- Allows files to be rejected based on the dates of the files
inside the archives.
- Can reject files by name using a "hack list" (HACK****.COL file
compatible)
- Support for remote ansi or ASCII as determined by auto ansi detect.
- Suppression of remote output through the use of "comport 0".
- Option to NOT modify "ZIP" archives which have a valid "AV".
- Strips comments from all archives before any processing is done
(to avoid "ansi bombs" in comments). This features will not protect
the end users if the "internal" archives contain such bombs.
- Recreates full directory structure "from" the temporary directory,
thus allowing all internal archives to be tested regardless
of how deeply imbedded they may be.
- Does not allow the "overwrite" option on any of the archive types.
(stops some forms of "hacking")
- Add your loaders and/or archive comment to the main archive.
- Will use one of as many as three drives to test files by
searching in order to find enough available space on one of them.
- "Intelligent" installation which will attempt to do as much of
the installation for you as is possible.
- New in this version, The configuration of a version 4 THDPRO.EXE
can be used automatically.
- Full control over the options available and paths to archive utilities.
- Support for ZIP-GIF-TD0-ARC-ARJ-PAK-HYP-LZH file types.
- Will Virus scan all file types regardless of types configured.
- Remove unwanted files from the archives tested.
- Option to hang up on users who upload viruses.
- Option to reboot after a viral detection.
- No Known ways to "alter" the operation of your BBS through it's use.
- All operations controlled by a single executable file.
- The executable file can be compressed by PKLITE (or similar utility)
after the installation has been run, with no ill effects on it's
proper operation.(Configuration cannot be performed on a "compressed
executable file")
WHAT WILL IT DO..
THD ProScan will ..
1) Check (and/or reject) files from a user supplied list of files
2) Strip the file comment and add your comment.
3) CRC test the file
4) FIND a drive with enough space to test the file
5) Create a directory called "THDTEMP.$$$" on that drive
6) Remove files (if configured) from the archive.
7) Check dates to reject old files (if selected).
8) Expand the archive into that directory while recreating
its internal path structure.
9) It will then scan each of the files in that directory and
all subdirectories below it.
10) It then selectively searches each of the subdirectories created
for testable archives. If found, it repeats the above process
until no more archives are found. In this way EVERY imbedded
archive is tested, regardless of where it is in the directory
structure or how far imbedded it is. Every directory created
by the original archive or any of the embedded archives is
tested and scanned by THD ProScan.
11) Add your loaders to the archive
12) It maintains a log in your BBS directory of all actions performed.
13) It then proceeds to remove the temporary directory structure.
14) Reports the appropriate errorlevel to dos.
The actual process is of course much more complex.. But the above
overview is a decent summary.
Requirements...
This tester requires
PC/XT (or compatible)
MS-DOS 3.3 (or higher)(other "DOS" systems MAY be acceptable)
A FOSSIL DRIVER (user output will not be sent if no fossil is found
but the testing will still be done)
APPROX 325k FREE memory
(memory requirements will vary depending on your version
of SCAN.EXE. The actual overhead of this program is 75k)
McAFEE's VIRUSCAN (the newer the better)
The following utilities are required depending on which file types you
wish to test.
LHA.EXE for "LZH" files
ARJ.EXE for "ARJ" files
PKZIP/PKUNZIP for "ZIP" files (supports vers 1.10 and 2.04c)
PKARC/PKXARC for "ARC" files
PAK.EXE for "PAK" files
HYPER.EXE for "HYP" files
TDCHECK.EXE for "TD0" files
GIFTEST(ver 4) for "GIF" files
INSTALLATION...
Included are 10 files.. NEWINV5.TXT,THDPRO-5.ADD,THDDEMO.COM,
THDPRO.DOC,THDPRO.EXE, HISTORY.DOC and THDINSTL.EXE. WARNING.TXT,
THDSETUP.TXT and THDTERM.ZIP.
THDPRO.EXE is the actual upload tester and controls or performs
all actions of the "testing" from "File Allocation Table move" to removal
of the temporary directory.
THDTERM.ZIP is an archive containing a simple interface for use of THD
ProScan without a BBS. Read the documentation included in that archive
pertaining to its use.
HISTORY.DOC is a simplified history of THD ProScan.
NEWINV5.TXT is a listing of the changes and added features between
version 4 and this release. Please see HISTORY.DOC for a list changes to
the program.
WARNING.TXT is a text file listing the warning above in regards to
the use of PKZIP204E.
THDSETUP.TXT is a text file explaning how to set up THD ProScan
to run on a T.A.G. or TELEGARD BBS. As well it contains a simple batch
file for processing entire directories of files.
THDPRO-5.ADD is a sample file comment for use with the tester. It
serves only as an example and is NOT required for proper operation of
the tester.
THDINSTL.EXE is the INSTALL/CONFIGURATION utility. It MUST be run
in order for the scanner to operate correctly.
Basically all that is required is that the THDPRO.EXE be in your
current directory when you run THDINSTL.EXE.
THDINSTL.EXE will search the executable file for any previously
configured settings. If none are found it will go through the
installation step by step. If however it finds that the installation
has previously been run, it will simply load the previous information
and take you to the final two option screens. From these two screens
you may select (by letter) to modify any of the previous configuration
parameters.
The "original" installation process can be defaulted to by running
"THDINSTL.EXE /F". This will cause the install to NOT look for old
settings and simply start an install as if it were the first time.
When you run the installation, it will ask you a number of yes/no
questions and depending on your answers will prompt you for certain
things. Certain things are mandatory.
Running THDINSTL.EXE followed by the full path and filename to your
version 4 THDPRO.EXE will cause it to take all the settings from version 4
and place them into version 5.
The use of "∙" (alt 249) is forbidden in ALL entries in
the installation. If used, the string in which it was used will
be "CUT" down to the character immediately preceding it. This
will result in unpredictable results. DO NOT use that character.
╔═════════════════════════════════════════════════════════════════════════╗
║ A-- BBS name -- Your BBS Name ║
║ B-- Comport -- 2 ║
║ C-- Test Drives -- C: D: E: ║
║ D-- Reboot? -- N ║
║ E-- Drop Virus uploader -- Y ║
║ F-- Protect "AV" zip files-- Y ║
║ G-- THDPro Log size -- 50000 ║
║ H-- BBS directory -- D:\BBS ║
║ I-- Reject Directory -- D:\BBS\DLS\SYSOP ║
║ J-- Files to be added -- D:\MYLOADER.TXT ║
║ K-- Files to remove -- README.ROS BBSAD.* ║
║ L-- Comment File -- D:\BBS\UTILS\COMMENT.TXT ║
║ M-- File dates -- Limited to 15 days. ║
║If any of the above is incorrect, Enter the corresponding letter ║
║Pressing [enter] will move to the next checking screen ║
║Press [enter] or letter to correct ---> ║
╚═════════════════════════════════════════════════════════════════════════╝
"BBS NAME"
This of course could be your name or alias if you prefer,
BUT something must be entered.
This entry MUST be between 4 and 35 characters in length.
"COMPORT"
This MUST be a valid comport as the tester will output to
the comport on every run. (the comport need not be active
to run the scanner, but must exist).
A comport of "0" may be selected if you wish to suppress
all remote output. (useful if you wish to test a file while
online to a BBS)
"TEST DRIVES
This is a list of valid drives that THD ProScan can use
to test the archives.
"REBOOT"
Do you wish THD ProScan to Reboot after finishing it's
testing if it finds a virus?
"DROP VIRUS UPLOADER"
Do you wish to drop carrier (hang up) on users who
upload virus infected files?
"AV PROTECTION"
Do you wish to NOT modify "Zip" files with a valid "AV"?
"THD PRO LOGSIZE"
Multiple choice of the maximum size to write to the
log file. After exceeding this size, the next test will
rename that file and create a new THDPRO.LOG file.
"BBS Directory"
This directory need not be your BBS directory. It can be
any existing directory where you would like to keep the
"log" file created by the tester. This is also the
directory you will be in at the completion of a successful
test.
"REJECTED DIRECTORY"
This is the directory into which you wish files which fail
the scan portion or cannot be tested should be "moved".
"FILES TO BE ADDED"
Files that you wish to be added to every archive tested.
You can enter individual filenames (wildcards supported).
OR a single directory with "*.*".(max 40 characters)
"FILES TO REMOVE"
A list of files to remove from from each archive tested.
Wildcards are supported (40 characters max)
"COMMENT FILE"
The full path to a file to be used as an archive comment
(Will only be inserted in those file types which allow
more than a single line comment).
"FILE DATES"
Can be limited by "AGE" or by "DATE" or not at all. This
date limitation is based on the files INSIDE the archive.
The archive date itself is not considered in this
calculation. Be very care how you use this function.
GIF and TD0 files are not subject to date checking.
╔═════════════════════════════════════════════════════════════════════════╗
║ N-- Scan.exe path -- D:\SCAN.EXE ║
║ O-- PkZip.exe Path -- D:\PKZIP.EXE ║
║ P-- PkunZip.exe Path -- D:\PKUNZIP.EXE ║
║ Q-- Arj.exe Path -- D:\ARJ.EXE ║
║ R-- Lha.exe Path -- D:\LHA.EXE ║
║ S-- Pak.exe Path -- D:\PAK.EXE ║
║ T-- PkArc.com Path -- D:\PKARC.COM ║
║ U-- Pkxarc.com Path -- D:\PKXARC.COM ║
║ V-- Hyper.exe Path -- D:\HYPER.EXE ║
║ W-- Giftest.exe Path -- D:\GIFTEST.EXE ║
║ X-- TDcheck.exe Path -- D:\TDCHECK.EXE ║
║ Y-- Hacklist Path -- D:\HACKLIST.TXT ║
║If any of the above is incorrect, Enter the corresponding letter ║
║Pressing [enter] will complete the installation. ║
║Pressing "Z" will take you back to the previous option screen. ║
║Press [enter] or letter to correct ---> ║
╚═════════════════════════════════════════════════════════════════════════╝
"????????.??? PATH"
All of the above which are configured MUST include full
drive\path\filename in order for the tester to operate
correctly.
Of the above... only "SCAN.EXE" is absolutely mandatory.
The others should be configured as needed to test the
corresponding file types.
"HACKLIST PATH"
Hacklist Path is the complete path and filename to a file
which contains a list of file "names". This file can not
contain extensions or the "." between the name and extension.
The "COL" files contained in the "Hack Report" can be used
"as is" for this purpose.
If you wish to create your own list of undesirable files,
you need simply create a file which consists of filenames.
One name per line and all in capital letters. The following
would be acceptable as a hack list.
PKZ201
HACKFILE
GARBAGE
If this were your list then all files with those names
(regardless of their extensions) would be failed.
This option can be skipped by pressing "enter" when prompted.
All entries which require a "directory" require that there be no ending "\"
at the end of the path. All Filename entries require full path and filenames.
The entries made in the installation MUST NOT exceed 40 characters
per entry. If you enter more than 40 characters the entry will be accepted,
but cut down to the first 40 characters. However If file paths are cut by
this process, the results are totally unpredictable. If any of your entries
wraps on the final two screens of the install.. THEY WILL NOT FUNCTION as
intended and you will need to use files in a different location than those
entered.
Although the program could possibly accept filenames without paths in
some instances, I STRONGLY suggest you not accept such entries and modify
them to include a full path.
The install will attempt to locate the "SCAN and ARCHIVE" files that you
wish to use for testing. As well as the correct number of drives that
are available (of which THD ProScan can use a maximum of 3).
If you read the instructions given for each step during the install process
and follow them exactly, you should encounter no problems at all with
the setup procedure. The install can be exited at any time by pressing
"CTRL-BREAK". No information from that session will be saved. (Unless
perhaps you manage to press it while the program is in the middle of
saving the information you have entered)
THDPRO.DOC
-You're reading it
THDDEMO.COM
A simple demonstration of the user side view of what happens while the
scanner is running. This is included just in case you have never seen this
tester in action before. Your side will display the various utilities
performing their duties and a short explanation of what the tester is doing.
"THE TESTER"
This is my first ever "real" program. It was made to satisfy a number
of people who saw my "batch program", THDscan, but were unwilling to use it
based on it's dependency on 4DOS or NDOS.
The reason that this program uses 75k of memory is due to a very large
"stack" segment which is reserved for the use of "imbedded" archives. By
reserving such a large stack, the program is able to run recursively for
much longer and thus test imbedded archives far beyond the first level.
I may reconsider the "size" of the reserved portion in later versions. But I
trust that most "shells" from BBS programs can leave enough memory for this
program to run as is.
This program is just as secure as THDscan and more secure than Ziplab or
PKINSERT. There is no way to change the "way" this scanner operates (without
hacking it) for a good reason. Even some of the most noted upload testers
make a very serious flaw in the way they handle uploaded archives. By not
allowing the user to change these settings, I avoid someone opening one of
those "all too evasive" back doors and hacking into your system. So please
don't ask me to change the parameters that this program uses. They are that
way for a reason. (I will of course be happy to change any that prove to be
incorrect or cause "real" problems).
This scanner will exit with one of 7 DOS errorlevels.
ERRORLEVEL 0 - All tests were passed satisfactorily.
- The scanner will also exit with this errorlevel under
a number of "odd" circumstances which will avoid having
a file fail due to some unforeseen difficulty.(This includes
failing to supply a proper path to the file to be tested and
a number of other small things)
ERRORLEVEL 1 - An imbedded archive failed the CRC test.
ERRORLEVEL 3 - The file has failed due to the date restriction.
ERRORLEVEL 4 - The file was failed for being on the Hack list.
ERRORLEVEL 5 - An imbedded archive failed the CRC test due to a disk read
error. (used by some BBS programs to determine if the file
is to be resumed later.)
ERRORLEVEL 10- A virus was detected during the "scan".
ERRORLEVEL 15- The main archive failed the CRC test.
The reason for having an errorlevel 1 exit, is that this tester
originally did recognize imbedded archives by name, And as such "could"
have attempted to unarchive a file with the same extension as a valid archive
format without that file actually being an archive. This of course would
cause the file to fail the CRC test. By setting the "errorlevel for success"
in your BBS program to "1" you could avoid failing these files. However, I
suggest that the errorlevel be set to "0" as no reputable programmer would
use the extensions of known archivers to name files of another format. But
it is, of course, your option.
This is left over from version 1. And although the reasoning is
no longer accurate. I thought that there may still be some persons out
there that use it. If not.. then there is no loss.
The operation of the scanner could not be simpler. You need simply
run THDPRO.EXE while supplying it with the FULL path and filename of the
file to be tested. I STRONGLY suggest that you also supply the full path
and filename to THDPRO.EXE as well (not necessary but it too can help to
reduce hacking). So the proper syntax would be as follows...
C:\UTILS\THDPRO.EXE D:\NEWUPS\TESTFILE.ZIP
{Where THDPRO is located in "C:\UTILS" and the file to be tested
is "TESTFILE.ZIP" which is located in "D:\NEWUPS"}
The tester optionally accepts one other parameter. That second
parameter can be a single digit between 0 and 8. This parameter is the
number of the comport to be used for remote output and is only necessary if
you wish output to a comport other than the one specified during the
install. Using "0" will not send any remote output. Numbers between 1 and 8
will send to the comport of the corresponding number. If run without
parameters, It will simply display the correct syntax. ERRORLEVEL 0 will be
returned in any event where a file is not tested (to avoid the BBS software
deleting files due to improper syntax).
While geared toward the testing of archived files, The tester will
viruscan any file type for which it is not configured. So having your BBS
use this tester to scan "EXE" and "COM" files is an excellent idea. (The
addition of "self extracting" testing makes this a good idea as well.) The
passing or failing of such files will be based solely on the result of
the scan and no other operations will be attempted on the file aside from
the scan. Any valid filename can be passed if you wish it to be "scanned".
I suggest that you configure your BBS to "test" all files with "executable"
extensions as well as any "OVL/OVR" files.
NOTES-
If a file fails the scan portion or is for some reason unable to
be tested, the file will be moved to a directory you specify. Priority
is given to a "File Allocation Table" move. Thus if the destination drive
is the same as the source drive, only the "FAT" will be modified (this
allows a 4 megabyte file to be moved in less than 1 second.) If the source
and destination differ then the file will be moved by "copying" it to the
destination and deleting the original (if the copy was successful). If the
file cannot be moved for whatever reason, it will be renamed with an
extension of "THD" (if it could not be tested) or "VIR" if it failed the
viruscan, it will be renamed during the move if it was virus infected
regardless of success of the move operation).
This programs creates and removes a directory called "THDTEMP.$$$".
If this directory exists on any of your drives... Either rename the directory
or do not allow that drive to be used for testing. There is no recovering
from the removal of this directory.
This program depends on the fossil driver to send messages to the user.
If no fossil is active, the testing process will still occur, but the user
side will be blank. The fossil is also used to drop carrier and/or reboot
the system if you have chosen those options in the installation.
This program no longer requires the remote user to have "ANSI.SYS".
If the user does not have this, he/she will see the a "bare bones"
description of what the tester is doing. There will be no "glitz" on
the ASCII output.
I strongly suggest that after the installation is complete and the
executable file is in it's permanent place, that you make it a read-only
file. This will be yet another deterrent for "wanna-be" hackers who would
attempt to overwrite this file.
The only known problem with this tester is that if an unscrupulous
person attempts to overwrite certain files on your system, the program will
hang pending "user input". IF YOU EVER see such a prompt on your system
while this program is running, DO NOT ALLOW the overwrite. This program
accounts for all "normal" circumstances of overwrite attempts and will hang
only if the user finds a way to overwrite files outside of this testers
control. Allowing such overwrites could result in total disaster.
This program and all of its associated names, files,
logos and makeup are Copyright 1992 PainSoft. (Version 5 is
Copyright 1993 PainSoft). No duplication in whole or in part
is allowed. With the exception of duplication of the entire
archived set of files for distribution to those in need of
it's services. None of the copyrighted material may be
changed in any way, except by the author. Changes made by the
"original/unmodified" installation program will be considered
to have been made by the author for the purpose of this
copyright. The files may be rearchived in ANY fashion which
requires them to be restored to their original condition
before use. ( Portions Copyright Borland International ) The
executable files may be "compressed" to save space but may
not be distributed in this "compressed format". The Author
accepts no responsibility for the actions of this program. It
is FREEWARE and NO charge may be made for it's distribution.
It is NOT a commercial product and as such the ONLY acceptable
charge for it will be "actual, physical cost of duplication".
I do not profit from it monetarily and any attempt of other
persons to do so shall be considered an infringement of my
copyright.
Other products mentioned are copyrighted by their respective
owners and include their own restrictions for use. Please be
sure to register those products if requested by the copyright
owners.
Thank You for taking the time to read this document. I hope this upload
tester serves you well and helps to keep your system free of viral infection
and a little safer from potential hackers.
David Muir
of
..PainSoft..