BBS Toolkit

home *** CD-ROM | disk | FTP | other *** search

/ BBS Toolkit / BBS Toolkit.iso / qbbs / thdpro5.zip / THDPRO.DOC < prev next >

Wrap

Text File | 1993-02-01 | 30KB | 504 lines

THD ProScan Ver 5.0 First... Thank you for downloading this file. Credits... Thanks to all the sysops who, at various stages, helped in the betatesting of this product. Many helped me to find "minor" inconsistencies and fix them before you got to see it. A VERY special thanks to "Witch Doctor" for his great assistance in betatesting the first releases and making valuable suggestions about the program.. Many of which were implemented, And of course some which were not.. But all of his suggestions and comments were considered. A special thanks as well to "Eternal Darkness" for his contribution of the "user side ansi screen". He willingly gave me a number of "ansi" drawings with permission to modify them as was necessary to suit my purpose. The ansi your users see is only very slightly modified from the ansi I received and I think he did an excellent job. A thanks as well to David Luckie who reported the problem which Version 4 fixes. Without his inquiries the integrity of this program might have been severely compromised. And to Tim Strike for his assistance in relaying David's concerns and replies so that I might be able to fix the problem. Support for this tester can usually be found on TELENET CANADA. Requests for support on TELENET CANADA should be directed to David Muir. Inquiries about this tester can be made in TELENET TELEGARD or BBS support areas. In the event that Dave is unable to assist you directly, there are numerous people in TELENET who are familiar enough with my program to offer some technical assistance. Advice about configuring YOUR BBS program to run THD ProScan would best be handled by someone familiar with that BBS software. I am only familiar with Telegard and T.A.G. in respect to having sufficient knowledge to offer technical assistance in setting them up to run this tester. THD ProScan V5.0 is however, generic and can be run by almost ANY BBS with the correct setup. THD ProScan is an upload tester for ANY BBS which is capable of sending a command line of the following format. "C:\UTILS\THDPRO.EXE D:\NEWFILES\TEST.ZIP" {Where "C:\UTILS\THDPRO.EXE" is the full path and filename to the THD ProScan executable file and "D:\NEWFILES\TEST.ZIP" is the full path and filename to the file to be tested}. ***************************** WARNING ***************************** Remote dos redirection must NOT be set to a comport or device other than "CON" during the running of this upload tester. Failure to pay attention "could" ( in some cases ) cause paths to be displayed to a remote user. If necessary, run it from a batch file with the first line "CTTY CON". This will not be necessary in MOST cases. If when running the scanner you do not see the utilities performing their functions, the output is being redirected to somewhere else. ************************* END OF WARNING ************************** ******************************* WARNING ********************************* ** This Version of THD ProScan is designed to recognize files ** ** created by PKZIP 204c and PKZIP 204e. Therefore it requires that ** ** your version of PKZIP be PKZIP 204e. ** ** The use of any version prior to 204e WILL result in valid files ** ** failing the CRC test. While it does still recognize and handle ** ** version 1.10 files, it also recognizes the newer file formats. ** ** Version 1.10 will NOT be able to handle the new formats and will ** ** cause the files to fail testing. ** ** This, of course, only applies to those of you who wish to test ** ** "ZIP" type files. ** ** If you are going to test "ZIP" files with this tester, then you ** ** MUST use PKZIP 204e or risk failing files. ** ***************************** END OF WARNING ****************************** Features.. - Identifies all archives by their internal signatures. - Including self extracting archives. - Allows files to be rejected based on the dates of the files inside the archives. - Can reject files by name using a "hack list" (HACK****.COL file compatible) - Support for remote ansi or ASCII as determined by auto ansi detect. - Suppression of remote output through the use of "comport 0". - Option to NOT modify "ZIP" archives which have a valid "AV". - Strips comments from all archives before any processing is done (to avoid "ansi bombs" in comments). This features will not protect the end users if the "internal" archives contain such bombs. - Recreates full directory structure "from" the temporary directory, thus allowing all internal archives to be tested regardless of how deeply imbedded they may be. - Does not allow the "overwrite" option on any of the archive types. (stops some forms of "hacking") - Add your loaders and/or archive comment to the main archive. - Will use one of as many as three drives to test files by searching in order to find enough available space on one of them. - "Intelligent" installation which will attempt to do as much of the installation for you as is possible. - New in this version, The configuration of a version 4 THDPRO.EXE can be used automatically. - Full control over the options available and paths to archive utilities. - Support for ZIP-GIF-TD0-ARC-ARJ-PAK-HYP-LZH file types. - Will Virus scan all file types regardless of types configured. - Remove unwanted files from the archives tested. - Option to hang up on users who upload viruses. - Option to reboot after a viral detection. - No Known ways to "alter" the operation of your BBS through it's use. - All operations controlled by a single executable file. - The executable file can be compressed by PKLITE (or similar utility) after the installation has been run, with no ill effects on it's proper operation.(Configuration cannot be performed on a "compressed executable file") WHAT WILL IT DO.. THD ProScan will .. 1) Check (and/or reject) files from a user supplied list of files 2) Strip the file comment and add your comment. 3) CRC test the file 4) FIND a drive with enough space to test the file 5) Create a directory called "THDTEMP.$$$" on that drive 6) Remove files (if configured) from the archive. 7) Check dates to reject old files (if selected). 8) Expand the archive into that directory while recreating its internal path structure. 9) It will then scan each of the files in that directory and all subdirectories below it. 10) It then selectively searches each of the subdirectories created for testable archives. If found, it repeats the above process until no more archives are found. In this way EVERY imbedded archive is tested, regardless of where it is in the directory structure or how far imbedded it is. Every directory created by the original archive or any of the embedded archives is tested and scanned by THD ProScan. 11) Add your loaders to the archive 12) It maintains a log in your BBS directory of all actions performed. 13) It then proceeds to remove the temporary directory structure. 14) Reports the appropriate errorlevel to dos. The actual process is of course much more complex.. But the above overview is a decent summary. Requirements... This tester requires PC/XT (or compatible) MS-DOS 3.3 (or higher)(other "DOS" systems MAY be acceptable) A FOSSIL DRIVER (user output will not be sent if no fossil is found but the testing will still be done) APPROX 325k FREE memory (memory requirements will vary depending on your version of SCAN.EXE. The actual overhead of this program is 75k) McAFEE's VIRUSCAN (the newer the better) The following utilities are required depending on which file types you wish to test. LHA.EXE for "LZH" files ARJ.EXE for "ARJ" files PKZIP/PKUNZIP for "ZIP" files (supports vers 1.10 and 2.04c) PKARC/PKXARC for "ARC" files PAK.EXE for "PAK" files HYPER.EXE for "HYP" files TDCHECK.EXE for "TD0" files GIFTEST(ver 4) for "GIF" files INSTALLATION... Included are 10 files.. NEWINV5.TXT,THDPRO-5.ADD,THDDEMO.COM, THDPRO.DOC,THDPRO.EXE, HISTORY.DOC and THDINSTL.EXE. WARNING.TXT, THDSETUP.TXT and THDTERM.ZIP. THDPRO.EXE is the actual upload tester and controls or performs all actions of the "testing" from "File Allocation Table move" to removal of the temporary directory. THDTERM.ZIP is an archive containing a simple interface for use of THD ProScan without a BBS. Read the documentation included in that archive pertaining to its use. HISTORY.DOC is a simplified history of THD ProScan. NEWINV5.TXT is a listing of the changes and added features between version 4 and this release. Please see HISTORY.DOC for a list changes to the program. WARNING.TXT is a text file listing the warning above in regards to the use of PKZIP204E. THDSETUP.TXT is a text file explaning how to set up THD ProScan to run on a T.A.G. or TELEGARD BBS. As well it contains a simple batch file for processing entire directories of files. THDPRO-5.ADD is a sample file comment for use with the tester. It serves only as an example and is NOT required for proper operation of the tester. THDINSTL.EXE is the INSTALL/CONFIGURATION utility. It MUST be run in order for the scanner to operate correctly. Basically all that is required is that the THDPRO.EXE be in your current directory when you run THDINSTL.EXE. THDINSTL.EXE will search the executable file for any previously configured settings. If none are found it will go through the installation step by step. If however it finds that the installation has previously been run, it will simply load the previous information and take you to the final two option screens. From these two screens you may select (by letter) to modify any of the previous configuration parameters. The "original" installation process can be defaulted to by running "THDINSTL.EXE /F". This will cause the install to NOT look for old settings and simply start an install as if it were the first time. When you run the installation, it will ask you a number of yes/no questions and depending on your answers will prompt you for certain things. Certain things are mandatory. Running THDINSTL.EXE followed by the full path and filename to your version 4 THDPRO.EXE will cause it to take all the settings from version 4 and place them into version 5. The use of "∙" (alt 249) is forbidden in ALL entries in the installation. If used, the string in which it was used will be "CUT" down to the character immediately preceding it. This will result in unpredictable results. DO NOT use that character. ╔═════════════════════════════════════════════════════════════════════════╗ ║ A-- BBS name -- Your BBS Name ║ ║ B-- Comport -- 2 ║ ║ C-- Test Drives -- C: D: E: ║ ║ D-- Reboot? -- N ║ ║ E-- Drop Virus uploader -- Y ║ ║ F-- Protect "AV" zip files-- Y ║ ║ G-- THDPro Log size -- 50000 ║ ║ H-- BBS directory -- D:\BBS ║ ║ I-- Reject Directory -- D:\BBS\DLS\SYSOP ║ ║ J-- Files to be added -- D:\MYLOADER.TXT ║ ║ K-- Files to remove -- README.ROS BBSAD.* ║ ║ L-- Comment File -- D:\BBS\UTILS\COMMENT.TXT ║ ║ M-- File dates -- Limited to 15 days. ║ ║If any of the above is incorrect, Enter the corresponding letter ║ ║Pressing [enter] will move to the next checking screen ║ ║Press [enter] or letter to correct ---> ║ ╚═════════════════════════════════════════════════════════════════════════╝ "BBS NAME" This of course could be your name or alias if you prefer, BUT something must be entered. This entry MUST be between 4 and 35 characters in length. "COMPORT" This MUST be a valid comport as the tester will output to the comport on every run. (the comport need not be active to run the scanner, but must exist). A comport of "0" may be selected if you wish to suppress all remote output. (useful if you wish to test a file while online to a BBS) "TEST DRIVES This is a list of valid drives that THD ProScan can use to test the archives. "REBOOT" Do you wish THD ProScan to Reboot after finishing it's testing if it finds a virus? "DROP VIRUS UPLOADER" Do you wish to drop carrier (hang up) on users who upload virus infected files? "AV PROTECTION" Do you wish to NOT modify "Zip" files with a valid "AV"? "THD PRO LOGSIZE" Multiple choice of the maximum size to write to the log file. After exceeding this size, the next test will rename that file and create a new THDPRO.LOG file. "BBS Directory" This directory need not be your BBS directory. It can be any existing directory where you would like to keep the "log" file created by the tester. This is also the directory you will be in at the completion of a successful test. "REJECTED DIRECTORY" This is the directory into which you wish files which fail the scan portion or cannot be tested should be "moved". "FILES TO BE ADDED" Files that you wish to be added to every archive tested. You can enter individual filenames (wildcards supported). OR a single directory with "*.*".(max 40 characters) "FILES TO REMOVE" A list of files to remove from from each archive tested. Wildcards are supported (40 characters max) "COMMENT FILE" The full path to a file to be used as an archive comment (Will only be inserted in those file types which allow more than a single line comment). "FILE DATES" Can be limited by "AGE" or by "DATE" or not at all. This date limitation is based on the files INSIDE the archive. The archive date itself is not considered in this calculation. Be very care how you use this function. GIF and TD0 files are not subject to date checking. ╔═════════════════════════════════════════════════════════════════════════╗ ║ N-- Scan.exe path -- D:\SCAN.EXE ║ ║ O-- PkZip.exe Path -- D:\PKZIP.EXE ║ ║ P-- PkunZip.exe Path -- D:\PKUNZIP.EXE ║ ║ Q-- Arj.exe Path -- D:\ARJ.EXE ║ ║ R-- Lha.exe Path -- D:\LHA.EXE ║ ║ S-- Pak.exe Path -- D:\PAK.EXE ║ ║ T-- PkArc.com Path -- D:\PKARC.COM ║ ║ U-- Pkxarc.com Path -- D:\PKXARC.COM ║ ║ V-- Hyper.exe Path -- D:\HYPER.EXE ║ ║ W-- Giftest.exe Path -- D:\GIFTEST.EXE ║ ║ X-- TDcheck.exe Path -- D:\TDCHECK.EXE ║ ║ Y-- Hacklist Path -- D:\HACKLIST.TXT ║ ║If any of the above is incorrect, Enter the corresponding letter ║ ║Pressing [enter] will complete the installation. ║ ║Pressing "Z" will take you back to the previous option screen. ║ ║Press [enter] or letter to correct ---> ║ ╚═════════════════════════════════════════════════════════════════════════╝ "????????.??? PATH" All of the above which are configured MUST include full drive\path\filename in order for the tester to operate correctly. Of the above... only "SCAN.EXE" is absolutely mandatory. The others should be configured as needed to test the corresponding file types. "HACKLIST PATH" Hacklist Path is the complete path and filename to a file which contains a list of file "names". This file can not contain extensions or the "." between the name and extension. The "COL" files contained in the "Hack Report" can be used "as is" for this purpose. If you wish to create your own list of undesirable files, you need simply create a file which consists of filenames. One name per line and all in capital letters. The following would be acceptable as a hack list. PKZ201 HACKFILE GARBAGE If this were your list then all files with those names (regardless of their extensions) would be failed. This option can be skipped by pressing "enter" when prompted. All entries which require a "directory" require that there be no ending "\" at the end of the path. All Filename entries require full path and filenames. The entries made in the installation MUST NOT exceed 40 characters per entry. If you enter more than 40 characters the entry will be accepted, but cut down to the first 40 characters. However If file paths are cut by this process, the results are totally unpredictable. If any of your entries wraps on the final two screens of the install.. THEY WILL NOT FUNCTION as intended and you will need to use files in a different location than those entered. Although the program could possibly accept filenames without paths in some instances, I STRONGLY suggest you not accept such entries and modify them to include a full path. The install will attempt to locate the "SCAN and ARCHIVE" files that you wish to use for testing. As well as the correct number of drives that are available (of which THD ProScan can use a maximum of 3). If you read the instructions given for each step during the install process and follow them exactly, you should encounter no problems at all with the setup procedure. The install can be exited at any time by pressing "CTRL-BREAK". No information from that session will be saved. (Unless perhaps you manage to press it while the program is in the middle of saving the information you have entered) THDPRO.DOC -You're reading it THDDEMO.COM A simple demonstration of the user side view of what happens while the scanner is running. This is included just in case you have never seen this tester in action before. Your side will display the various utilities performing their duties and a short explanation of what the tester is doing. "THE TESTER" This is my first ever "real" program. It was made to satisfy a number of people who saw my "batch program", THDscan, but were unwilling to use it based on it's dependency on 4DOS or NDOS. The reason that this program uses 75k of memory is due to a very large "stack" segment which is reserved for the use of "imbedded" archives. By reserving such a large stack, the program is able to run recursively for much longer and thus test imbedded archives far beyond the first level. I may reconsider the "size" of the reserved portion in later versions. But I trust that most "shells" from BBS programs can leave enough memory for this program to run as is. This program is just as secure as THDscan and more secure than Ziplab or PKINSERT. There is no way to change the "way" this scanner operates (without hacking it) for a good reason. Even some of the most noted upload testers make a very serious flaw in the way they handle uploaded archives. By not allowing the user to change these settings, I avoid someone opening one of those "all too evasive" back doors and hacking into your system. So please don't ask me to change the parameters that this program uses. They are that way for a reason. (I will of course be happy to change any that prove to be incorrect or cause "real" problems). This scanner will exit with one of 7 DOS errorlevels. ERRORLEVEL 0 - All tests were passed satisfactorily. - The scanner will also exit with this errorlevel under a number of "odd" circumstances which will avoid having a file fail due to some unforeseen difficulty.(This includes failing to supply a proper path to the file to be tested and a number of other small things) ERRORLEVEL 1 - An imbedded archive failed the CRC test. ERRORLEVEL 3 - The file has failed due to the date restriction. ERRORLEVEL 4 - The file was failed for being on the Hack list. ERRORLEVEL 5 - An imbedded archive failed the CRC test due to a disk read error. (used by some BBS programs to determine if the file is to be resumed later.) ERRORLEVEL 10- A virus was detected during the "scan". ERRORLEVEL 15- The main archive failed the CRC test. The reason for having an errorlevel 1 exit, is that this tester originally did recognize imbedded archives by name, And as such "could" have attempted to unarchive a file with the same extension as a valid archive format without that file actually being an archive. This of course would cause the file to fail the CRC test. By setting the "errorlevel for success" in your BBS program to "1" you could avoid failing these files. However, I suggest that the errorlevel be set to "0" as no reputable programmer would use the extensions of known archivers to name files of another format. But it is, of course, your option. This is left over from version 1. And although the reasoning is no longer accurate. I thought that there may still be some persons out there that use it. If not.. then there is no loss. The operation of the scanner could not be simpler. You need simply run THDPRO.EXE while supplying it with the FULL path and filename of the file to be tested. I STRONGLY suggest that you also supply the full path and filename to THDPRO.EXE as well (not necessary but it too can help to reduce hacking). So the proper syntax would be as follows... C:\UTILS\THDPRO.EXE D:\NEWUPS\TESTFILE.ZIP {Where THDPRO is located in "C:\UTILS" and the file to be tested is "TESTFILE.ZIP" which is located in "D:\NEWUPS"} The tester optionally accepts one other parameter. That second parameter can be a single digit between 0 and 8. This parameter is the number of the comport to be used for remote output and is only necessary if you wish output to a comport other than the one specified during the install. Using "0" will not send any remote output. Numbers between 1 and 8 will send to the comport of the corresponding number. If run without parameters, It will simply display the correct syntax. ERRORLEVEL 0 will be returned in any event where a file is not tested (to avoid the BBS software deleting files due to improper syntax). While geared toward the testing of archived files, The tester will viruscan any file type for which it is not configured. So having your BBS use this tester to scan "EXE" and "COM" files is an excellent idea. (The addition of "self extracting" testing makes this a good idea as well.) The passing or failing of such files will be based solely on the result of the scan and no other operations will be attempted on the file aside from the scan. Any valid filename can be passed if you wish it to be "scanned". I suggest that you configure your BBS to "test" all files with "executable" extensions as well as any "OVL/OVR" files. NOTES- If a file fails the scan portion or is for some reason unable to be tested, the file will be moved to a directory you specify. Priority is given to a "File Allocation Table" move. Thus if the destination drive is the same as the source drive, only the "FAT" will be modified (this allows a 4 megabyte file to be moved in less than 1 second.) If the source and destination differ then the file will be moved by "copying" it to the destination and deleting the original (if the copy was successful). If the file cannot be moved for whatever reason, it will be renamed with an extension of "THD" (if it could not be tested) or "VIR" if it failed the viruscan, it will be renamed during the move if it was virus infected regardless of success of the move operation). This programs creates and removes a directory called "THDTEMP.$$$". If this directory exists on any of your drives... Either rename the directory or do not allow that drive to be used for testing. There is no recovering from the removal of this directory. This program depends on the fossil driver to send messages to the user. If no fossil is active, the testing process will still occur, but the user side will be blank. The fossil is also used to drop carrier and/or reboot the system if you have chosen those options in the installation. This program no longer requires the remote user to have "ANSI.SYS". If the user does not have this, he/she will see the a "bare bones" description of what the tester is doing. There will be no "glitz" on the ASCII output. I strongly suggest that after the installation is complete and the executable file is in it's permanent place, that you make it a read-only file. This will be yet another deterrent for "wanna-be" hackers who would attempt to overwrite this file. The only known problem with this tester is that if an unscrupulous person attempts to overwrite certain files on your system, the program will hang pending "user input". IF YOU EVER see such a prompt on your system while this program is running, DO NOT ALLOW the overwrite. This program accounts for all "normal" circumstances of overwrite attempts and will hang only if the user finds a way to overwrite files outside of this testers control. Allowing such overwrites could result in total disaster. This program and all of its associated names, files, logos and makeup are Copyright 1992 PainSoft. (Version 5 is Copyright 1993 PainSoft). No duplication in whole or in part is allowed. With the exception of duplication of the entire archived set of files for distribution to those in need of it's services. None of the copyrighted material may be changed in any way, except by the author. Changes made by the "original/unmodified" installation program will be considered to have been made by the author for the purpose of this copyright. The files may be rearchived in ANY fashion which requires them to be restored to their original condition before use. ( Portions Copyright Borland International ) The executable files may be "compressed" to save space but may not be distributed in this "compressed format". The Author accepts no responsibility for the actions of this program. It is FREEWARE and NO charge may be made for it's distribution. It is NOT a commercial product and as such the ONLY acceptable charge for it will be "actual, physical cost of duplication". I do not profit from it monetarily and any attempt of other persons to do so shall be considered an infringement of my copyright. Other products mentioned are copyrighted by their respective owners and include their own restrictions for use. Please be sure to register those products if requested by the copyright owners. Thank You for taking the time to read this document. I hope this upload tester serves you well and helps to keep your system free of viral infection and a little safer from potential hackers. David Muir of ..PainSoft..