Cream of the Crop 25

home *** CD-ROM | disk | FTP | other *** search

/ Cream of the Crop 25 / Cream of the Crop 25.iso / bbs / anti143.zip / ANTIAD.DOC < prev next >

Wrap

Text File | 1997-05-05 | 27KB | 602 lines

┌──────────┬───────────┐ │ BBS ┼ │ │ ╓───╖ │ ╓ │ AntiAd │ ║ ║ ┼ ║ │ │ ╟───╢ ╓┼─║ ╓── │ Version 1.43 ├┼──╫─┼─╫─╫■─╫─╨┼─╥───┼┤ │ ╙ ╙ ╙┼─╜ ───╜ │ (c) Copyright 1997 - ZT-Technologies │ ┼ │ └──────────┴───────────┘ Techical Support: Herbert Bushong Blackbeard's BBS 318-468-3385 (V34+) ┌────────────────────┐ │ 1. Introduction: │ └────────────────────┘ AntiAd was developed due to recent developments in BBS ad files and their associated headaches. The asinine sysops who insist on putting this excess baggage into downloadable archives at the expense of other sysops' disk space are getting more creative and annoying. By slightly modifying their BBS ad file, perhaps adding spaces to the end of the file or stamping the time and date into the BBS ad, they were previously undetectable (until the BBS ad was added to a database). Not so with AntiAd. ┌──────────────────────────┐ │ 2. Features of AntiAd: │ └──────────────────────────┘ ∙ Native versions for both 16-bit DOS and 32-bit OS/2! DOS version is fully OS/2, DESQview and Windows aware, including time slice releasing. ∙ Identifies BBS ads using conventional database algorithms for files that are static (such as .EXE files created by TheDraw). This method of detection is extremely fast and 100% accurate. ∙ Includes a BBS ads maintenance function so sysops can update their BBS ads CRC database in real time. ∙ Identifies BBS ads by filename, allowing detection of 0-byte BBS ads. ∙ Identifies BBS ads using a new keyword algorithm for files that are constantly changing. This method of detection is slower and can be less accurate depending upon how well the keywords are selected by the sysop. ∙ Up to 100/300 (DOS/OS/2) keyword sets of 5 to 10 keywords each can be configured by the sysop. (These are arbitrary limits and can be raised, if necessary; they seemed like good starting points). ∙ AntiAd can execute another program as a child process, allowing upload processors that only execute 1 file checker (virus checker) to use AntiAd *and* another file checker. ∙ Runs as a file tester in most any upload processing utility, such as UpLoadProcessor, Ziplab, ExzTest, etc. ∙ Detected BBS ads are removed from the files on disk before being repacked by the upload processing utility. They may be stored in a subdirectory for subsequent review by the user (user-selectable). ∙ AntiAd can generate list files to be passed to an archiver, allowing removal of BBS ad files without unpacking the archive. This requires proper handling by the upload processing utility or batch file. ∙ User-selectable process logging to a disk file. ∙ Written completely in C for optimal speed, using Watcom C/C++ 11.0. ┌────────────────────────────────────────────────────────┐ │ 3. Files Included in the AntiAd Distribution Archive │ └────────────────────────────────────────────────────────┘ ANTIAD.EXE BBS ad detection and removal program (16-bit DOS). ANTIAD2.EXE BBS ad detection and removal program (32-bit OS/2). ANTIAD.DB BBS ads database file. NAMES.LST BBS ads name list file. ANTIAD.DOC This file. SAMPLE.CFG Sample configuration file. CHK_ADS.BAT Main batch file for mass archive BBS ad removal. CHK_ADS2.BAT Secondary batch file for mass archive BBS ad removal. SUPPORT.DOC List of authorized support sites for my shareware. HISTORY.DOC AntiAd revision history in reverse order. REGISTER.FRM Registration form for AntiAd and other software. FILE_ID.DIZ Internal description file. When you unzip the distribution archive, you should see my PKZIP authenticity verification stamp, and a '-AV' after every file in the archive: #PNP757 ZT Technologies If there are any files missing or added, or the -AV stamp is missing, the archive has been tampered with. It would be advisable to call one of the support sites listed in the UPPORT.DOC file for the latest version of AntiAd. ┌───────────────────────────┐ │ 4. Program Requirements │ └───────────────────────────┘ To the best of my knowledge, this program will run on most any machine capable of running a BBS package. My BBS setup was PCBoard 15.2/10M running under DESQview on a LANtastic network, but other sysops that I have been in contact with have successfully implemented AntiAd on a wide variety of hardware. AntiAd requires DOS 3.x and higher or OS/2 2.0 and higher, as it uses DOS SHARE-compatible file reads and writes. AntiAd's memory requirements are very small (about 80K or so, plus the CRC database and keyword memory allocated). A hard disk is required (and not very many BBSes don't have them) so it goes without saying (although I did anyway; someone is bound to ask... <g>). ┌───────────────────┐ │ 5. Registration │ └───────────────────┘ AntiAd is not free; nor is AntiAd crippled to force registration. AntiAd is fully functional, and will always remain so. The only variation with the registered copies is no time delay and beg message. Why register? Besides a clean conscience, you will get a registration code that will work for all future versions of AntiAd, and will remove the delay and message at the end of execution. The registration fee for your unique key is $18 for hobbyist BBSes. The registration fee for commercial BBSes, defined if you run your BBS in the course of a commercial business or for profit (e.g. more than 10 nodes), is $25. Refer to the file REGISTER.FRM for all registration options. Please print the file REGISTER.FRM and fill it out. You can print out the form by issuing the following command from the DOS prompt: TYPE REGISTER.FRM > PRN ┌───────────────────────────────────────┐ │ 6. License, Warranty and Disclaimer │ └───────────────────────────────────────┘ I'll keep this part short and sweet, and dispense with the legal-ese: License: You are allowed to use AntiAd for 30 days, after which you must either register AntiAd or stop using it completely. Decompiling, disassembly or any other form of reverse-engineering AntiAd for any purpose is prohibited. AntiAd registration is a license for your use of AntiAd; I retain ownership of the software. A single registration applies to a single BBS system, regardless of the number of computers used in the system. If you run two or more distinct BBS systems on the same computer (with different names), you require two or more AntiAd registrations. AntiAd registrations are not transferrable; you cannot sell your registration to another person. Warranty: There isn't one. The only thing I'll guarantee is that AntiAd will take up disk space, and will disappear when deleted. Disclaimer: I'm not responsible for anything bad that happens. AntiAd works here, but I cannot be held responsible for it not working on your computer or doing any damage to hardware or software. If these aren't agreeable with you, then the best thing to do is delete AntiAd right now. I'll do my best to help any user (registered or not) that wants to use AntiAd, and I'll act on bug reports quickly, but I simply cannot and will not be responsible for anything bad, like lost data, disk crashes, or whatever else you can think of. ┌───────────────────┐ │ 7. Installation │ └───────────────────┘ GENERAL INSTALLATION: ───────────────────── Make a subdirectory on your hard drive. For the purposes of this document, we'll call it "C:\ANTIAD". Unarchive the AntiAd distribution archive into this subdirectory. You've more than likely already made it this far, if you're reading this file. <grin> The AntiAd system opens a few files at once for various reasons. I would recommend that you have a minimum of FILES=30 per node in your system CONFIG.SYS file for a single-node system, since AntiAd is run in conjunction with your BBS and upload processing software. If you are running under a DOS network or a multitasking operating system, you should already have DOS's SHARE.EXE loaded. You must have SHARE loaded in order to take advantage of the file sharing and locking methods used by the AntiAd programs to prevent data loss. (If you are running a single-node system without a multitasker, SHARE is not needed). Edit the configuration file to suit your needs. Proper configuration will require you to refer to this section, the previous section and the section titled "Configuration", which has an in-depth explanation of each configuration parameter and its function. It would probably be wise to fire up your printer for this document. Note that for the AntiAd program, you can obtain a limited program syntax screen simply by executing the program with the -? (help) parameter. INSTALLATION INTO YOUR UPLOAD PROCESSOR: ──────────────────────────────────────── AntiAd is designed to operate on a subdirectory of files that have already been extracted by the upload handling system. The best application for AntiAd is to be executed as a file test utility, similar to a virus-scanning program, since at that point in time the files are already extracted from the archive being processed. Depending upon how your upload processor operates, the command lines can be different. * NOTE: If your upload processor is limited to 1 file checker, add AntiAd into your processor's configuration, and then configure AntiAd to execute your file/virus checker using the CHK_CMD_LINE parameter. If your upload processor executes the file testers from the directory where the files are located (this is how the ULP programs operates), the command line is simply: D:\ANTIAD\ANTIAD.EXE -Cd:\antiad\antiad.cfg If your upload processor DOES NOT execute the file testers from the directory where the files are located, and passes a filespec to the program (this is how ExzTest works), the command line is: D:\ANTIAD\ANTIAD.EXE -Cd:\antiad\antiad.cfg -Pd:\path\*.* The '-P' parameter defines to AntiAd where to find the files. Note that it will accept either a path (e.g. 'C:\TEMP\') or a filespec (e.g. 'C:\TEMP\*.*'); in other words, the "*.*" is superfluous. Regardless of the filespec, AntiAd will check all files in the path passed to it. This is to allow the highest level of compatibility with all upload processing utilities. If you find yourself crunched for command-line space in your upload processing utility, the '-C' may be omitted in favor of using an environment variable (named "ANTIAD_CFG") to tell AntiAd where to find it's configuration file. To do this, add the following line to your AUTOEXEC.BAT file: set ANTIAD_CFG=c:\antiad\antiad.cfg while changing the filespec as necessary to match the name and location of your AntiAd configuration file. If your upload processing routine is capable of executing a command after each archive has been processed, you can use the list-file approach to removing BBS ads from the archive. This will guarantee that the ad files are removed, even in -AV protected archives. If you call AntiAd with the following command-line: ANTIAD.EXE -Cd:\antiad\antiad.cfg -Pd:\path\*.* -Ld:\antiad\ad.lst You can then execute the following archiver statements to remove the ads from the compressed archive: ARJ d d:\path\archive.arj !d:\antiad\ad.lst LHA d d:\path\archive.arj @d:\antiad\ad.lst PAK d d:\path\archive.arj @d:\antiad\ad.lst PKPAK -d d:\path\archive.zip @d:\antiad\ad.lst PKZIP -d d:\path\archive.zip @d:\antiad\ad.lst Some notes on the list-file approach: if AntiAd finds no BBS ads, it will NOT create a BBS ads list file and will exit with an errorlevel you define in NO_AD_ERRLEV in the configuration file. If it finds one or more BBS ads, it WILL create the file and exit with the errorlevel defined as AD_ERRLEV. (AntiAd will not run in ULP using list-file mode; use the standard mode of operation for AntiAd with ULP.) ┌────────────────────┐ │ 8. Configuration │ └────────────────────┘ The sample configuration file included in the distribution archive is heavily commented, but some additional information is provided below: LOG_FILE All of the AntiAd programs will write process and error information to a log file, if desired. This is the path/filename of the log file for AntiAd to record its activities. Comment out if you don't want any disk logging. STORAGE_DIR If you want AntiAd to use a specific directory for storage of BBS ads detected and removed from archives, enter the full pathname (including the trailing backslash). If you do not want the file saved for later inspection, comment it out. I would not recommend using a RAM disk, since the files would be lost when the system is rebooted or powered down. Note that this will default CRC_DISP and KEYWORD_DISP to DELETE. NO_AD_ERRLEV The errorlevel that AntiAd is to return to DOS if no BBS ads were found by AntiAd while processing the subdirectory specified. If this parameter or the AD_ERRLEV parameter is commented out, then it will default to 0, since most upload processors assume non-zero errorlevels to be program execution errors, not information. This value must be between 0 and 255, inclusive. AD_ERRLEV The errorlevel that AntiAd is to return to DOS if one or more BBS ads were found by AntiAd. DB_DISP This parameter defines how AntiAd dispositions files detected as BBS ads via the CRC-32 signature method. If you want AntiAd to delete the ad file, enter DELETE or comment the line out; if you want AntiAd to store the ad file in the storage directory (and delete it from the archive being processed), enter STORE. Note that for STORE to operate correctly, the STORAGE_DIR parameter MUST be defined. NAME_DISP This parameter defines how AntiAd dispositions files detected as BBS ads via the filename check. If you want AntiAd to delete the ad file, enter DELETE; if you want AntiAd to store the ad file, enter STORE or comment the line out. KEYWORD_DISP This parameter defines how AntiAd dispositions files detected as BBS ads via the keyword algorithm. If you want AntiAd to delete the ad file, enter enter DELETE; if you want AntiAd to store the file in the storage directory (and delete it from the archive being processed), enter STORE or comment the line out. ADS_DB The directory path and name for the BBS ads database. This database can be updated by the sysop by using the '-F' parameter of AntiAd (see section 10 of this document), freeing the sysop from being reliant on me to maintain the ads database. If you find a large number of new BBS ad files, please upload them to my board for inclusion into my master ads database distributed with AntiAd. This database format is compatible with my UpLoadProcessor (ULP) utility's BBS ads database. NAME_LIST The directory path and name for the BBS ads name list file. This is a ASCII text file with one 12 character filename per line. Note that no wildcards are permitted; this is by design to prevent accidental removal of files by specifying something stupid like '*.AD'. Note that only file (less than a pre-determined number of bytes) will be checked by filename! NAME_SIZE_LIMIT This is the maximum size, in bytes, of files that will be filename tested. As this is a potentially dangerous function (filename checking is hardly an accurate means of identifying ads), it is recommended this be kept as small as possible (no more than a few K). It wouldn't be good to delete a 100K executable from uploads by accident because it had the same name as some dinky BBS ad. KEYWORDS The keyword sets (separated by commas) to search potential BBS ad files for. Note that these keywords are case-sensitive! If a potential ad file contains ALL of the keywords or phrases, it will be dispositioned as a BBS ad. I suggest using the BBS name, area code and exchange, modem brand and other key terms in their ads that seem static. Between 5 and 10 keywords are allowed per line; one line comprises a keyword set. Furthermore, a keyword set line may not be more than 128 characters long. A maximum of 100 keyword sets may be defined. Note that BBS ad scanning time increases with the number of keywords and keyword sets. CHK_CMD_LINE AntiAd is capable of executing another program before returning to the upload processor. If this is desired enter the command line to be executed by AntiAd, otherwise, comment the line out. Place the variable @FILE@ where the filespec is to be placed on the command line. Obviously, the DOS version of AntiAd can execute only DOS virus checkers and the OS/2 version of AntiAd only OS/2 virus checkers. * NOTE: If this option is used, AntiAd will return the errorlevel returned by this program to the upload processor, and will not use the NO_AD_ERRLEV or AD_ERRLEV settings. This is done for optimum compatibility with all upload processors. ┌──────────────────────────────┐ │ 9. Application Information │ └──────────────────────────────┘ ULP: ──── The correct configuration setup for AntiAd within UpLoadProcessor is as a file checker, such as follows: Command #: C:\ANTIAD\ANTIAD -Cc:\antiad\antiad.cfg Successful errorlevel: 0 If you are running UpLoadProcessor 2.0 or higher, the additional switch "run in a window" can be set to either <Y>es or <N>o. In some situations, such as running under a GUI environment, setting this to <N>o will yield improved performance. In addition, ULP users should disable the integrated BBS ad checking, since AntiAd is more capable than ULP in detecting and removing BBS ads. You may also remove the '-C' parameter if you choose to use the environment variable approach for defining the configuration file path. EXZTEST: ──────── The following is an excerpt from a message from Mike Cocke, outlining how he has installed AntiAd: ====================================================================== Packet: SALTAIR Date: 12-10-92 (16:58) Number: 7410 From: MIKE COCKE Refer#: 7192 Subj: EXZTEST AND ANTIAD Conf: (3) Utility ---------------------------------------------------------------------- SS> I have a question regarding ExzTest and ANTI-AD that you may be SS> able to answer. Does ExzTest repack the archive after processing? SS> Is it selective? Do I need to trigger it in some fashion? It repacks the archives if that config option has been set. SS> I have a user having a little difficulty with ExzTest and AntiAd, SS> and I'm trying to help him. Got a copy of 2.22, and read the docs, SS> but that part wasn't clear. 2.22 has some problems, including a system hanger. Stop by the Hacker Central and grab XZT8MC.ZIP SS> Would you be willing to share how you implemented AntiAd into SS> ExzTest? I'd like to document it in the AntiAd docs... Sure - in a nutshell, set 'rezip secondary archives' to on, and install AntiAd as a virus tester. The key is the first point. If this isn't set, removals won't matter. ====================================================================== If you have any further questions, I would suggest contacting Mike Cocke and getting the most recent version of ExzTest from his board or Salt Air. ZIPLAB: ─────── Apparently, ZipLab will not support the operation of more than one file checker automatically. Or at least, how to add more than one is not readily apparent in the documentation. Therefore, configure AntiAd into ZipLab and your virus scanner into AntiAd's CHK_CMD_LINE parameter. In this way, ZipLab will call AntiAd, AntiAd will call your virus checker, and then return to ZipLab. GENERIC BATCH FILE: ─────────────────── The following generic batch file (modeled after PCBTEST.BAT) will autodetect the compression format of the archive using ARCID (again, a utility written by me), unpack the archive, check it for ads, remove any ads found via the list-file method, scan the files for viruses, and then clean up. It can easily be expanded and/or modified to suit your needs: @Echo off cls if exist pcbpass.txt del pcbpass.txt if exist pcbfail.txt del pcbfail.txt d:\arcid\arcid %1 arj lzh zip if errorlevel 98 goto UNKNOWN if errorlevel 5 goto ZIP_TESTING if errorlevel 4 goto PAK_TESTING if errorlevel 3 goto LZH_TESTING if errorlevel 2 goto ARJ_TESTING if errorlevel 1 goto ARC_TESTING Echo ERROR: ARCID critical error...please notify sysop! > pcbfail.txt exit :UNKNOWN Echo ERROR: Unknown file format! > pcbfail.txt exit :ARC_TESTING md testing cd testing pkunpak -r %1 if not errorlevel 0 goto UNPACK_ERROR d:\antiad\antiad -Cd:\antiad\antiad.cfg -Ld:\antiad\ad.lst if exist d:\antiad\ad.lst pkunpak -d %1 @d:\antiad\ad.lst goto SCAN :ARJ_TESTING md testing cd testing arj e -y %1 if not errorlevel 0 goto UNPACK_ERROR d:\antiad\antiad -Cd:\antiad\antiad.cfg -Ld:\antiad\ad.lst if exist d:\antiad\ad.lst arj d -y %1 !d:\antiad\ad.lst goto SCAN :LZH_TESTING md testing cd testing lha e /m1 %1 if not errorlevel 0 goto UNPACK_ERROR d:\antiad\antiad -Cd:\antiad\antiad.cfg -Ld:\antiad\ad.lst if exist d:\antiad\ad.lst lha d /m1 %1 @d:\antiad\ad.lst goto SCAN :PAK_TESTING md testing cd testing pak e /wa %1 if not errorlevel 0 goto UNPACK_ERROR d:\antiad\antiad -Cd:\antiad\antiad.cfg -Ld:\antiad\ad.lst if exist d:\antiad\ad.lst pak d %1 @d:\antiad\ad.lst goto SCAN :ZIP_TESTING md testing cd testing pkunzip -o %1 if not errorlevel 0 goto UNPACK_ERROR d:\antiad\antiad -Cd:\antiad\antiad.cfg -Ld:\antiad\ad.lst if exist d:\antiad\ad.lst pkzip -d %1 @d:\antiad\ad.lst goto SCAN :SCAN scan /a /nomem /nopause *.* if not errorlevel 0 goto VIRUS_ERROR cd .. echo y|del testing\*.* rd testing if exist d:\antiad\ad.lst del d:\antiad\ad.lst Echo File passed all tests... > pcbpass.txt exit :UNPACK_ERROR echo y|del testing\*.* rd testing if exist d:\antiad\ad.lst del d:\antiad\ad.lst Echo ERROR: File failed integrity test... > pcbfail.txt exit :VIRUS_ERROR echo y|del testing\*.* rd testing if exist d:\antiad\ad.lst del d:\antiad\ad.lst Echo ERROR: File failed virus test... > pcbfail.txt exit ┌────────────────────────┐ │ 10. Manual Operation │ └────────────────────────┘ In order for sysops to be able to 'keep up' with new ads produced by the weenie sysops who insert the @!&*#%$ things, AntiAd is capable of scanning a BBS ad file and updating the BBS ads with it's information. Don't worry about duplication, as part of the process is to purge duplicate BBS ad info. The command-line syntax for this functions is: ANTIAD -Cantiad.cfg -Fbbs.ad or: ANTIAD -Cantiad.cfg -Fd:\bbs_ads\*.* where 'antiad.cfg' is the full path and filename for the AntiAd configuration file, and 'bbs.ad' is the path and filename for the BBS ad file(s) to be added to the BBS ads database. Standard DOS wildcard characters are permitted for multiple file addition. I suggest only adding executable or ANSI BBS ads to the database, since they are not easily changed by a sysop before insertion into an archive. I would greatly appreciate your uploading of any new BBS ad files that you may collect over time to my BBS so I can update the master listing that I include with the AntiAd distribution archive. Please refer to the top of this document for my BBS number. The latest version of my BBS ads database is included in the distribution archive. In order to add whatever new BBS ads information that may be contained, you can merge it with your current BBS database: ANTIAD -Cantiad.cfg -Mother.db where 'antiad.cfg' is the full path and filename for the AntiAd configuration file, and 'other.db' is the path and filename for the other BBS ads datatbase to be merged with the master ads database. ┌────────────────────────────┐ │ 11. The Future of AntiAd │ └────────────────────────────┘ AntiAd will be supported as long as I'm in the BBSing business (which will be quite a while...once it's in your blood, you can never shake it <g>). Thanks for giving AntiAd a try! ┌────────────────────────────────┐ │ Appendix A: DOS Errorlevels │ └────────────────────────────────┘ The following is a list of the errorlevels than can be returned by AntiAd: Variable Successful execution Variable Successful execution, BBS ad list file created Variable Successful execution, file checker errorlevel returned 99 Help screen (executing a program with no or an insufficient number of arguments) 100 Could not close all open files 101 Unknown command line parameter 102 Config file not found 103 Too many keywords in a keyword set 104 Too few keywords in a keyword set 105 Too many keyword sets defined 106 Keyword set line too long 110 Unable to allocate heap memory 111 Unable to open or lock disk logging file 114 Unable to open BBS ads database file 115 Invalid filename provided by user on command-line 116 Invalid path provided by user on command-line 117 Unable to open BBS ads name list file 120 Invalid BBS ad database format 200 Undefined error (internal to AntiAd program)