CIACTech04-001: Remote Detection of the MyDoom.A Worm
Before systems containing the MyDoom.A worm can be cleaned, they must be detected. As running a scanner on each system can be difficult and time consuming, a method of remote scanning for infected machines is needed.
Hey, for the purpose of a research project I need to know if a specific type of parallel processing is being utilized by any user-run programs. Is there a way to detect whether a program either returns a value to another program at the end of execution, or just utilizes any form of parallel... (4 Replies)
I have this worm in my network.
It works only on Windows OS. My data server is on Linux with samba server and all the time somebody is copping this worm from windows client to my data server, because the data server is mapped as a network drive.
My question is:
Is there any way to find which... (4 Replies)
I am running Unix SCO and have discovered the worm virus. It is enabled through a BIOS connections, I am able to get around it using telnet, believe it or not.
- Can anyone recommend a virus scan software?
- Has anyone successfully used a virus scan software on unix without a problem?
... (2 Replies)
megaco_flex_scanner(3erl) Erlang Module Definition megaco_flex_scanner(3erl)NAME
megaco_flex_scanner - Interface module to the flex scanner linked in driver.
DESCRIPTION
This module contains the public interface to the flex scanner linked in driver. The flex scanner performs the scanning phase of text mes-
sage decoding.
The flex scanner is written using a tool called flex . In order to be able to compile the flex scanner driver, this tool has to be avail-
able.
By default the flex scanner reports line-number of an error. But it can be built without line-number reporting. Instead token number is
used. This will speed up the scanning some 5-10%. Use --disable-megaco-flex-scanner-lineno when configuring the application.
The scanner will, by default, be built as a reentrant scanner if the flex utility supports this (it depends on the version of flex). It is
possible to explicitly disable this even when flex support this. Use --disable-megaco-reentrant-flex-scanner when configuring the applica-
tion.
DATA TYPES
megaco_ports() = term()
megaco_version() = integer() >= 1
EXPORTS
start() -> {ok, PortOrPorts} | {error, Reason}
Types PortOrPorts = megaco_ports()
Reason = term()
This function is used to start the flex scanner. It locates the library and loads the linked in driver.
On a single core system or if it's a non-reentrant scanner, a single port is created. On a multi-core system with a reentrant scan-
ner, several ports will be created (one for each scheduler).
Note that the process that calls this function must be permanent. If it dies, the port(s) will exit and the driver unload.
stop(PortOrPorts) -> stopped
Types PortOrPorts = megaco_ports()
This function is used to stop the flex scanner. It also unloads the driver.
is_reentrant_enabled() -> Boolean
Types Boolean = boolean()
Is the flex scanner reentrant or not.
is_scanner_port(Port, PortOrPorts) -> Boolean
Types Port = port()
PortOrPorts = megaco_ports()
Boolean = boolean()
Checks if a port is a flex scanner port or not (useful when if a port exits).
scan(Binary, PortOrPorts) -> {ok, Tokens, Version, LatestLine} | {error, Reason, LatestLine}
Types Binary = binary()
PortOrPorts = megaco_ports()
Tokens = list()
Version = megaco_version()
LatestLine = integer()
Reason = term()
Scans a megaco message and generates a token list to be passed on the parser.
Ericsson AB megaco 3.15.1 megaco_flex_scanner(3erl)