Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VSE 7.1 - Wildcard exclusions do not work 1

Status
Not open for further replies.
simonjcook

simonjcook

IS-IT--Management
Mar 2, 2004
94
GB
Hi everyone,

After a little to-ing and fro-ing with NAI I have come to the conclusion that using wildcards in file and folder exclusions do not work with virusscan enterprise as per the manual.

We had an issue with excluding the InterScan folders on our mail gateway.

we tried
\InterScan?:\InterScan*:\InterScan
None stopped VSE from picking up infected files as they were written to disk.

The only exclusion that did work was by specifying the drive letter explicitly.

E:\InterScan


Regards

Simon J Cook

< Keyboard Error - Press F1 to continue >
 
Try just typing the folder-name

InterScan

Does that work?
 
Point noted,

I haven't tried...

I want to avoid using folder names as a straight entry as
it is ambiguous as to whether it is a file or a folder.

My guess is, an entry such as...
InterScan
...would also exclude files by the same name unless "Also exclude subfolders" is ticked.

Considering the basic wildcard functionality doesn't work, I wouldn't hold out much hope for how that type of entry would behave.

Also, an additional effect of using that type of entry is to exclude the folder where-ever it appears in a path which is not our intention.



Regards

Simon J Cook

< Keyboard Error - Press F1 to continue >
 
Further info,

*:\folder\ doesn't work
?:\folder\ doesn't work
*\folder\ doesn't work
?\folder\ doesn't work, wouldn't expect it too... ? is a single character wildcard.

folder with exclude subfolders ticked *does* work

However,
1) it is not immediately apparent it is a folder
2) according to the documentation this will exclude the named folder where-ever it appears in a path.

This (server) folder exclusion policy is being applied from ePO directory level down.
The upshot is, any server with the named folder anywhere in it's directory structure would provide a hole for an infected file to reside in. A considerable unknown...
If "also exclude subfolders" is *not* ticked then this exclusion would probably exclude files by the same name.

Stop press...
\folder does work, it seems removing the trailing \ makes this non drive specific root folder exclusion work.

Regards

Simon J Cook

< Keyboard Error - Press F1 to continue >
 
Status
Not open for further replies.

Similar threads

disturbedone
  • Locked
  • Question
proxy.pac not working correctly in IE11
Replies
0
Views
259
disturbedone
disturbedone
gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
213
gbayi_omo
gbayi_omo
GeorgeAlba
  • Locked
  • Question
What do you think about this proxy
Replies
0
Views
296
GeorgeAlba
GeorgeAlba
EdwardMcClelland
  • Locked
  • Question
Google DNS works with Sonic-wall installed. Cox doesn't.
Replies
1
Views
303
ChrisHirst
ChrisHirst
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
252
brownmab53
brownmab53

Part and Inventory Search

Sponsor

Back
Top