lbt(1)

CyberSoft VFind Security Toolkit

lbt(1)

NAME

lbt - CyberSoft's Loopback Tail Tool

SYNOPSIS

lbt

[-c, --copyright] [-h, -?, --help] [-v, --version]

lbt

[-db=name, --database=name] [-a, --append] [-r=num, --restrict=num]

DESCRIPTION

CyberSoft, Inc.'s Loopback Tail Tool is part of the VFind Security ToolKit. lbt is used along with lbh(1) to ensure that unchanged but infected files are reanalysed by vfind(1). lbh(1) will read filenames from a database. This database can be created anyway the user wishes so long as it is a flat text file that contains one filename per line. lbt is provided as part of the VSTK to use vfind(1) output to create a database suitable for use with lbh(1). lbt will read data from the standard input stream and write it to the standard output stream. lbt will create a database if the -db=name option is specified.

OPTIONS

-c, --copyright

Display copyright information and then exit. All other options will be ignored.

-h, -?, --help

Display usage message and then exit. All other options will be ignored.

-v, --version

Display version information and then exit. All other options will be ignored.

-db=name, --database=name

Use name as the database. Without this option, lbt will enter passthru mode (read from stdin and write to stdout).

-a, --appen

When a pre-existing database is specified, the append option causes new entries to be appended to the end of the database, otherwise, lbt will overwrite the database.

-r=num, --restrict=num

The restrict option allows lbt to use the choke method (as described in vfind(1)) to limit output as described in the table below.

Num

Chevron

Meaning

1

##==>

Informational Message

2

##==>>

VFind Warning

3

##==>>>

Serious VFind Condition

4

##==>>>>

Possible Virus Detection

USAGE

INPUT

lbt reads output from vfind(1) and depends on vfind(1)'s uniform chevron output.

Example: 

    find / -type f | cit | lbh -db=lb.db | uad -s -ssw | \
      vfind -ssr | lbt -db=lb.db -a

OUTPUT

lbt can be used with the -r=num option to choke vfind's output. The choke method is discussed in detail in vfind(1).

FILES

(none)

SEE ALSO

find(1), cit(1), vfind(1), uad(1), lbh(1).

BUGS

Please report all bugs to support@cyber.com Make sure to include the version of lbt, the platform and OS, the script or command used, the complete output showing the bug, a short description of the problem, and contact information.

COPYRIGHT

© 1999-2002 by CyberSoft, Inc. All rights reserved.

lbt(1)

CyberSoft VFind Security Toolkit

lbt(1)