Virusdie.Server. Version history. ¶
2.3.3 2018-02-28 ¶
- Added new file types to scan by default (without
--allfiles
flag): phps, phtml, class, pl, perl, asp, aspx, bmp, tga
- The new
--nobin
(-t
) command line switch: Auto detect and skip binary files, scan only text files
- The new
--maxage
command line switch: Scan only files that are newer than the specified age
- The new
--maxsize
command line switch: Limit the size of scanned files
- See documentation for more
2.3.2 2018-02-12 ¶
- A forced minimum of four scan threads is disabled. Now it is possible to specify any number of threads from 1 to the number of CPU cores in the system.
- The flags
--threads
and --limitcpu
are now combined. Now the number of scan threads and the number of CPU cores used are always equal to each other and are specified by the --threads
flag or the threads
config option.
- The
limitCPU
config option has been removed.
2.3.1 2018-02-08 ¶
- Improved detection of TAR archives / compressed files (by extension)
- Implemented scanning of single files containig RAW compressed data stream (“file.gz”, “file.bzip2”) (with
--unpack
flag). Unlike “file.tar.gz” or “file.txz”, such files are not TAR archives.
- New cleanup result status in the output/dump logs:
ND
(3
in JSON) – the file was not deleted in accordance with the -d
flag (printed when the file should be deleted, but there are -r -d
flags passed)
- Rewritten the “send suspicious files for analysis” feature (
--sendfile
). Now the new base.virusdie.com API used. Config option sendFilesHost
removed.
- Fixed the error when only one scanning thread was always used in file list scanning mode (@listfile) regardless of
--threads
flag
- Fixed command processing in file list scanning mode (
echo ":command..." | vdscan @ --echo
)
- Fixed unnecessary re-allocations of large memory buffers when scanning archives
- Compiler updated
2.3.0 2017-08-10 ¶
- Now it is possible to pass any number of files, directories and glob patterns to command line:
vdscan file.js *.php dir1/ dir2/
- Support for scanning of files inside TAR archives (tar/gzip/bzip2/xz/lzma) with
--unpack
(-z
) switch
- Scan process is now started immediatelly. It doesn’t wait for the full list of files to be imported. So now it can be used in interactive mode (
vdscan @ --echo
). See documentation for more.
- The new
--allfiles
(-a
) command line switch: Scan all types of files, do not filter file names by extension
- The new
--unpack
(-z
) command line switch: Unpack and scan files from TAR archives
- The new
--echo
(-e
) command line switch: Print response to STDERR for every item in the list (see documentation for more)
- Support for commands in list files / STDIN (
@file
or @
) is added. They are especially used in interactive mode to change scan options, control scan process state, retrieve information during scan.
- New cleanup result statuses in the output/dump logs:
EW
(-2
in JSON), ED
(-3
in JSON) (described in the documentation)
- Fixed incorrect file access modes in dump files
- A lot of internal improvements and optimizations
2.2.2 2017-07-18 ¶
- The new
--limitcpu
command line switch and limitCPU
config option allows to limit the number of CPU cores to use
- The new
--vdbid
command line switch allows to override the value of the vdbID
config option
- Fixed virus database cache file access mode
- Added Debian 9 amd64 build
2.2.1 2017-04-24 ¶
- Added the ability to send suspicious files for analysis:
vdserver --sendfile file.php
. The host name to send files to is stored in the sendFilesHost
config option.
2.2.0 2017-04-12 ¶
- Implemented multi threaded scan. Scanner is now uses all CPU cores by default. Scan performance increased several times!
- The new
--threads
command line switch and threads
config option allows to limit the number of parallel scanner threads
- Added long aliases for short command line flags: –exclude = -x, –remove = -r, –nodelete = -d, –json = -j
- The size of binary files is reduced by ~30%
- The external
tar
archiver is no longer used to create dump files
- The scheduler was removed completely. Use
cron
or other scheduler to scheduled scan.
- Several internal improvements and optimizations
2.1.2 2017-02-21 ¶
- The new
--configfile
command line switch allows to use the custom configuration file instead of config.json
- Virus database is now loaded/updated in separate thread in parallel with other startup procedures
- Image files (png, gif, jpg and some others) is now processed by scanner
2.1.1 2016-12-07 ¶
- Fixed crashes with message “invalid memory address or nil pointer dereference” when processing of some signatures/files
- The new
--homepath
command line switch allows to set the alternative directory to store cache/temp files (default is $HOME/.vdserver
)
- Added new field into scheduler’s database (
homepath
) to define the value for the corresponding command line switch.
Import db/update-2.1.1.sql
into database to use this feature.
2.1.0 2016-10-18 ¶
- Switching to new GO 1.7 compiler: increasing scan performance and reducing the size of executables
- Implemented procedural checks and treatment: special detection/treatment methods (not signature-based) can be applied to some threats
- Added new fields into scan summary statistics: Number of files infected, Number of files treated
- The new
--update
command line switch allows to check for updates, described in the documentation
- The new
--reloadvdb
command line switch: Force virus database update
- The new
--domain
command line switch allows to set the domain name the scanned files belongs to (required to detect external redirects)
- The new
--noemptydump
command line switch: Do not store the report if there are no threats found (used with --dump
)
- Added new fields into scheduler’s database,
domain
and noemptydump
to define the values for the corresponding command line switches.
Import db/update-2.1.0.sql
into database to use this feature.
- Command line parser changed:
Now it is possible to combine several short flags into one (
-rjx ignored.txt
= -r -j -x=ignored.txt
). You can specify the value for the last entry in set.
Also, the flags are allowed after the name of the scanned folder in any order:
-rx ignored.txt www/ -dj
, -x=ignored.txt -rd www/ --dump={N}
, -rx=ignored.txt www/ -j --dump file
- Now the memory buffer for scanned files is allocated only once and then reused for all files
- Virus database cache is now stored in the home folder of the current user (in
$HOME/.vdserver
) or, in the case of errors in the system temporary folder
- Fixed cache validation errors when updating virus database
- Fixed error: the files may be copied into report several times
- Fixed crashes when processing of some signatures on large files
- Error messages are now printed to STDERR instead of STDOUT
- Scheduler changed, removed HTTP server functionality and corresponding
config.json
settings, fixed scheduler starter script
- Now all components will have the same version number
- A lot of optimizations, stability improvements
- Documentation updated
2.0.3 2016-06-09 ¶
- Some curable threats was marked as incurable and wasn’t deleted
- Optimization of regular expressions processing
- Fixed order of rules when scanning
- Several minor optimizations
2.0.2 2016-05-20 ¶
- Argument
-v
: Print version and exit
- Argument
-c
: Print config file and exit
- Argument
--debug
: Print names of checked signatures to STDERR. This flag is available when scanning a single file without -j
flag.
- Plain text log file
scan.log
is now always created, even if there are no threats found
- The scanner is now does not stop even if you pass an empty list of files
- Other small changes
2.0.1 2016-03-30 ¶
- If there is no
runtime
folder it will be created automatically
- Now we collect and save full scan statistics in a file
stats.json
in the report archive
- You can set a path to a dump file (for example,
--dump /home/user/dumpfile
) and that path will not be duplicated in archive
- You now can set a file with a list of excludes by the
-x
key. Exit with code 20 if there is a file read error.
- Other small changes
2.0.0 2016-02-08 ¶