lbt VSTKP 163

lbt

"October 2000"

"CyberSoft, Inc."

"VFind Security Toolkit"

NAME

lbt \- CyberSoft's Loopback Tail Tool

SYNOPSIS

lbt

"[ " "-c" ", " "--copyright" " ] [ "
"-h" ", " "-?" ", " "--help"

" ] [ " "-v" ", " "--version" " ]"

lbt [ \-db=\fIname\fR, \--database=\fIname\fR ] [ \-a\fR, \--append\fR ] [ \-r=\fInum\fR, \--restrict=\fInum\fR ]

DESCRIPTION

CyberSoft, Inc.'s Loopback Tail Tool is part of the "VFind Security ToolKit" "." "lbt" " is used along with " "lbh" " to ensure that unchanged but" "infected files are reanalysed by " "vfind" ". " "lbh" " will " read filenames from a database. This database can be created anyway the user wishes so long as it is a flat text file that contains one filename per line.

"lbt" " is provided as part of the VSTK to use " "vfind" " output " to create a database suitable for use with "lbh" ". " "lbt" " will read data from the standard input" stream and write it to the standard output stream. "lbt" " will create a database if the " "-db=" "name" option is specified.

OPTIONS

"-c" ", " "--copyright" Display copyright information and then exit. All other options will be ignored.

"-h" ", " "-?" ", " "--help" Display usage message and then exit. All other options will be ignored.

"-v" ", " "--version" Display version information and then exit. All other options will be ignored.

\-db=\fIname\fR, \--database=\fIname Use name as the database. Without this option, lbt will enter passthru mode (read from stdin and write to stdout).

"-a" ", " "--append" When a pre-existing database is specified, the append option causes new entries to be appended to the end of the database, otherwise, lbt will overwrite the database.

\-r=\fInum\fR, \--restrict=\fInum The restrict option allows lbt to use the choke method (as

"described in " "vfind" ") to limit output as described in the table" below. Num Chevron Meaning
--------------------------------------------
1 ##==> Informational Message
2 ##==>> VFind Warning
3 ##==>>> Serious VFind Condition
4 ##==>>>> Possible Virus Detection

USAGE

INPUT lbt reads output from vfind and depends on vfind's uniform chevron output.
"Example" ":"

OUTPUT

lbt " can be used with the" .BI "-r=" "num" option to choke vfind's output. The choke method is discussed in detail in the vfind man page.

FILES (none)

SEE ALSO
"find" "(1), " "cit" "(1), "
"vfind" "(1), " "uad" "(1), "
"lbh" "(1)."

BUGS Please report all bugs to
"support@cyber.com" ". Make sure to include the" version of lbt, the platform and OS, the script or command used, the complete output showing the bug, a short description of the problem, and contact information.