Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

What does the time in the AV signature version signify?

0

0

Article ID: KB16058 KB Last Updated: 04 Mar 2017Version: 4.0
Summary:

Symptoms:
What does the time in the AV signature version signify?
Solution:
The date and time information contained in the AV signature version, in the `get av scan` (ScreenOS) and 'show security utm anti-virus status' (JUNOS) output represents the time a particular signature pack was released by Kaspersky Labs.  Note that this should not be confused as the time the signature pack was uploaded to our production server.

In the ScreenOS example below, the version information states as `12/04/2009 04:52 GMT`, which means this signature pack was signed out by KL on 04-Dec-2009 at 07:52hrs Moscow Time (GMT +3/+4 depending on daylight saving time).The time stamp also acts as a version identifier for the signature release.

On ScreenOS:
SSG550-> get av scan
<AV scan engine info>
    AV Key Expire Date: 01/01/2020 00:00:00
    Update Server: http://update.juniper-updates.net/av/i386/
           interval: 240 minutes
           auto update status: next update in 220 minutes
           last result: new database loaded
    pattern update proxy status: OFF
    AV signature version: 12/04/2009 04:52 GMT, virus records: 449342
    Scan Engine Info: last action result: No error(0x00000000), memory left 245776kB
    Scan engine default file extension list: 386;ACE;ARJ;ASP;BAT;BIN;BZ2;CAB;CHM
;CLA;CMD;COM;CPL;DLL;DOC;DOT;DPL;DRV;DWG;ELF;EMF;EML;EXE;FON;FPM;GEA;GZ;HA;
HLP;HTA;HTM;HTML;HTT;HXS;ICE;INI;ITSF;JAR;JPEG;JPG;JS;JSE;LHA;LNK;LZH;MBX;MD?;
MIME;MSG;MSI;MSO;NWS;OCX;OTM;OV?;PDF;PHP;PHT;PIF;PK;PL;PLG;PP?;PRG;PRJ;RAR;
REG;RTF;SCR;SH;SHS;SWF;SYS;TAR;TGZ;THE;TSP;VBE;VBS;VXD;WSF;WSH;XL?;XML;ZIP;
    pattern type: standard
    max content size: 10000(k) (drop if exceeds)
    max-msgs: 1024 (drop if exceeds)
    decompress layer: (drop if exceeds)
    password file: (pass if occurs)
    corrupt file: (pass if occurs)
    out of resource: (drop if occurs)

On SRX platform:

root@SRX210# run show security utm anti-virus status
node0:
--------------------------------------------------------------------------
UTM anti-virus status:

   Anti-virus key expire date: 2010-10-06 09:00:00
   Update server: http://update.juniper-updates.net/AV/SRX210/
          Interval: 60 minutes
          Pattern update status: next update in 45 minutes
          Last result: already have latest database
   Anti-virus signature version: 12/03/2009 19:56 GMT, virus records: 536590
   Anti-virus signature compiler version: N/A
   Scan engine type: kaspersky-lab-engine
   Scan engine information: last action result: No error(0x00000000)


 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search