Advertisement
Guest User

SYMANTEC SOURCE CODE OWNEED

a guest
Jan 6th, 2012
12,690
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.33 KB | None | 0 0
  1. -- -------- -----
  2. \ \ \ \_\ \/ /\ \
  3. \ \ \ \_\ / \ \_\ \
  4. / _\/_/ \_\ \_\ \_\,,,^++^,,,
  5. /__/TEAM++The Lords of Dharmaraja++
  6. Releze 003+
  7. +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
  8. As of now we start sharing with all our brothers and followers information from the Indian Militaty Intelligence servers, so far we have discovered within the Indian Spy Programme source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI.
  9. Now we release confidential documentation we encountered of Symantec corporation and it's Norton AntiVirus source code which we are going to publish later on, we are working out mirrors as of now since we experience extreme pressure and censorship from US and India government agencies.
  10. Tancs spy programme preview:
  11. http://imgur.com/a/8XoGf
  12. Our first release with the Indian MI in Paris owneed like shit:
  13. http://pastebin.com/0U4dWcUX
  14.  
  15. And now first portion of Symantec docs:
  16. We want to ask Symantec WTF Indian MI have them at?
  17. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  18. Definition Generation Service API specifications
  19. fourth draft
  20.  
  21.  
  22. Edward Pring, pring@watson.ibm.com
  23. Senthil Velayudham, sen@us.ibm.com
  24.  
  25.  
  26. This document describes the application programming interface specifications required for
  27. generating virus definitions automatically from the Immune System analysis center.
  28.  
  29.  
  30. This is a working draft. Do not code to this document.
  31.  
  32.  
  33.  
  34. IBM/Symantec Confidential
  35.  
  36. April 28, 1999
  37.  
  38.  
  39. Introduction
  40.  
  41. The samples submitted for virus analysis will be processed inside the Immune System analysis center by a core set of tasks as shown below.
  42.  
  43. Classifier
  44. Controller
  45. Replicator
  46. Analyzer
  47. Incremental build
  48. Incremental unit test
  49. Full build
  50. Full unit test
  51.  
  52. In addition to the above tasks, there will also be a program that asynchronously imports the new definition packages generated by human analysts outside the analysis center.
  53.  
  54. If all the tasks are successful for a given sample, a fully unit tested definition will be the end result of the automated analysis. In order to generate the virus definitions, the analysis center will be using the Symantec’s Definition Generation Service located outside the analysis center firewall as shown below.
  55.  
  56.  
  57. The ‘Incremental build’ and ‘Full build’ tasks inside the analysis center will use the API (provided by Symantec) to generate a new definition. The specifications for the API are described in the following sections. The API set will be provided in the form of a PERL module (SDGS.PM).
  58.  
  59. Unless otherwise stated in the API description, the standard error codes will be:
  60. “0” - OK
  61. “1” - Error
  62. “2” - Fail
  63. “3” - In Progress
  64. “4” - Lock Broken
  65.  
  66. When a function returns Error, the analysis center may re-try the function after an interval.
  67.  
  68. When a function returns Fail, the analysis center will defer the current sample and may then continue with the next sample.
  69.  
  70. When a function returns Lock Broken, the analysis center may re-start the current sample after an interval.
  71.  
  72. 1. Lock
  73. $status = SDGS::Lock ();
  74.  
  75. Description
  76. This function acquires an exclusive lock for the source library and definition generation system located outside the analysis center firewall. The locking is required to serialize access to the source library and definition generation system so that virus signatures are checked in and built atomically, whether by the automated analysis center or by the SARC engineers.
  77.  
  78. Arguments
  79. There are no arguments for this function.
  80.  
  81. Return values
  82. This function returns the result as shown below.
  83.  
  84. OK - If an exclusive lock is obtained.
  85. In Progress - If the definition generation system is busy generating some other definition.
  86. Error - All other errors. (HTTP server down, Perforce system down etc.)
  87.  
  88. See Also
  89. Unlock
  90.  
  91. 2. StartIncrementalDataBuild
  92. ($status, $previousSequence) =
  93. SDGS::StartIncrementalDataBuild ($source);
  94.  
  95. Description
  96. This function starts the incremental data build in the definition generation system and returns immediately without waiting for the build to complete. The incremental build uses the output files from a previously finished FULL build and modifies only the necessary data files (virscanX.dat).
  97.  
  98. Arguments
  99. $source is the full path to the directory and filename where the ‘Input Source Definition Packet’ is available. This file may be located on a local or a remote file system. It can also be specified in the UNC format, such as “\\avserver5\samples\00000100\output\defsource.isdp”. The directory or file name could have spaces or special characters in it. The format of this file is specified in the Symantec’s “Automated Definition Generation for the Digital Immune System Architectural Document”.
  100.  
  101. Return values
  102. This function returns the result as a list. The returned list will have two values in it. The first value $status in the list will be the status of the performed operation as shown below.
  103.  
  104. In Progress - If the incremental data build has been successfully started.
  105. Fail – the IDSP is invalid
  106. Lock Broken – the exclusive lock has been broken by some other process
  107. Error - All other errors. (HTTP server down, Perforce system down etc.)
  108.  
  109. The second value $previousSequence in the list will be the AVIS sequence number of the definitions from the previous FULL build that is used in the current incremental build.
  110.  
  111. See Also
  112. StartFullDataBuild
  113.  
  114. 3. IncrementalDataBuildStatus
  115. $status = SDGS::IncrementalDataBuildStatus ();
  116.  
  117. Description
  118. This function returns the status of the current incremental definition build.
  119.  
  120. Arguments
  121. There are no arguments for this function.
  122.  
  123. Return values
  124. This function returns the value $status of the definition build as shown below.
  125.  
  126. In Progress - If the data build is still running.
  127. OK - If the data build has finished successfully.
  128. Fail – If the data build has finished unsuccessfully.
  129. Lock Broken – the exclusive lock has been broken by some other process
  130. Error - All other errors. (HTTP server down, Perforce system down etc.)
  131.  
  132.  
  133. 4. GetBuiltPackage
  134. $status = SDGS::GetBuiltPackage ($packageType, $packageFilename);
  135.  
  136. Description
  137. This function gets the recently built definition package after a successful data build.
  138.  
  139. Arguments
  140. $packageType is the type of the definition package to get. For the initial release of the Immune System, this argument will always be a literal string called “FatAlbert”.
  141.  
  142. $packageFilename is the full path to the directory and filename where the newly built package should be stored. This file may be stored on a local or a remote file system. It can also be specified in the UNC format, such as “\\avserver5\defpackages\00000256\temp.exe”. The directory or file name could have spaces or special characters in it.
  143.  
  144. Return values
  145. This function returns the value $status as shown below.
  146.  
  147. OK - If the definition package has been successfully obtained.
  148. Lock Broken – the exclusive lock has been broken by some other process
  149. Error - All other errors. (HTTP server down, Perforce system down etc.)
  150.  
  151. See Also
  152. GetNewestPackage, GetBlessedPackage
  153.  
  154. 5. StartFullDataBuild
  155. ($status, $newestSequence) = SDGS::StartFullDataBuild ($sourceFilename);
  156.  
  157. Description
  158. This function starts the full data build in the definition generation system and returns immediately without waiting for the build to complete. Before starting the full build, the AVIS sequence number is incremented and the new definition source is committed to the Perforce source control management system.
  159.  
  160. Arguments
  161. $sourceFilename is the full path to the directory and filename where the ‘Input Source Definition Packet’ is available. This file will be made available on a local or a remote file system. It can also be specified in the UNC format, such as “\\avserver5\samples\00000100\output\defsource.isdp”. The directory or file name could have spaces or special characters in it.
  162.  
  163. Return values
  164. This function returns the result as a list. The returned list will have two values in it.
  165.  
  166. The first value $status in the list will be the status of the performed operation as shown below.
  167.  
  168. In Progress - If the full data build has been successfully started.
  169. Fail – IDSP is invalid
  170. Lock Broken – the exclusive lock has been broken by some other process
  171. Error - All other errors. (HTTP server down, Perforce system down etc.)
  172.  
  173. The second value $newestSequence in the list will be the newly incremented AVIS sequence number assigned to this committed full build. This sequence number is incremented on every automatic and manual build. This number is always in ascending order and never reset. It is not same as the daily version number. It ranges from 1 to 99,999,999. Duplicate sequence numbers are not allowed and skipping some sequence numbers is allowed.
  174.  
  175. See Also
  176. StartIncrementalDataBuild
  177.  
  178.  
  179. 6. FullDataBuildStatus
  180. $status = SDGS::FullDataBuildStatus();
  181.  
  182. Description
  183. This function returns the status of the current full definition build.
  184.  
  185. Arguments
  186. There are no arguments for this function.
  187.  
  188. Return values
  189. This function returns the value $status of the definition build as shown below.
  190.  
  191. In Progress - If the data build is still running.
  192. OK - If the data build has finished successfully.
  193. Fail – If the data build has finished unsuccessfully.
  194. Lock Broken – the exclusive lock has been broken by some other process
  195. Error - All other errors. (HTTP server down, Perforce system down etc.)
  196.  
  197.  
  198. 7. Unlock
  199. $status = SDGS::Unlock ();
  200.  
  201. Description
  202. This function relinquishes the exclusive lock obtained for the definition generation system located outside the analysis center firewall. The user of the definition generation system will be responsible for calling this function after the ‘Data Build’ operation is completed.
  203.  
  204. Arguments
  205. There are no arguments for this function.
  206.  
  207. Return values
  208. This function returns the value $status as shown below.
  209.  
  210. OK - If the exclusive lock is released for the definition generation system.
  211. Error - All other errors. (HTTP server down, Perforce system down etc.)
  212.  
  213. See Also
  214. Lock
  215.  
  216. 8. GetNewestPackage
  217. ($status, $newerSequence) =
  218. SDGS::GetNewestPackage ($packageType, $packageFilename, $olderSequence);
  219.  
  220. Description
  221. This function gets the newest definition package available, if it is different from the newest package already in the analysis center. This function will be used periodically to get newer definition packages generated by human analysts outside the analysis center firewall. This function does not build a definition package, it just gets a package that has previously been built. This function does not require exclusive access to the source library or definition generation system, and may be called with or without the lock.
  222.  
  223. This function specifies as an argument the sequence number of an older package previously gotten. If there are no newer packages available with sequence numbers higher than the specified older sequence number, this function will not get any definition package. If there are newer packages available with sequence numbers higher than the specified older sequence number, this function will get the newest package.
  224.  
  225. Arguments
  226. $packageType is the type of the definition package to get. For the initial release of the Immune System, this argument will always be a literal string called “FatAlbert”.
  227.  
  228. $packageFileName is the full path to the directory and filename where the newest package should be stored. This file may be stored on a local or a remote file system. It can also be specified in the UNC format, such as “\\avserver5\defpackages\00000257\temp.exe”. The directory or file name could have spaces or special characters in it.
  229.  
  230. $olderSequence is the sequence number of the definition package which is already available in the analysis center. This function will try to get a definition package that is newer than this value.
  231.  
  232. Return values
  233. This function returns the result as a list. The returned list will have two values in it.
  234.  
  235. The first value $status in the list will be the status of the performed operation as shown below.
  236.  
  237. OK - If the newest definition package has been successfully obtained.
  238. Fail - If no newer definition package is available.
  239. Error - All other errors. (HTTP server down, Perforce system down etc.)
  240.  
  241. The second value $newerSequence in the list will be the sequence number of the definition package gotten, or NULL if no newer packages are available.
  242.  
  243. See Also
  244. GetBuiltPackage, GetBlessedPackage
  245.  
  246. 9. GetBlessedPackage
  247. ($status, $blessedSequence) =
  248. SDGS::GetBlessedPackage ($packageType, $packageFilename, $previousSequence);
  249.  
  250. Description
  251. This function gets the current blessed definition package, if it is different from the blessed package that is already in the analysis center. This function will be used periodically to get a definition package that has been blessed outside the analysis center firewall. This is same as the definition package that is published to the LiveUpdate server after a successful quality assurance test. This function does not build a definition package, it just gets a package that has previously been built and blessed. This function does not require exclusive access to the source library or definition generation system, and may be called with or without the lock.
  252.  
  253. This function specifies as an argument the sequence number of an older blessed package previously gotten. If the current blessed package does not have a sequence number higher than the specified older sequence number, this function will not get any definition package. If the current blessed package does have a sequence number higher than the specified older sequence number, this function will get the current blessed package.
  254.  
  255. Arguments
  256. $packageType is the type of the definition package to get. For the initial release of the Immune System, this argument will always be a literal string called “FatAlbert”.
  257.  
  258. $packageFileName is the full path to the directory and filename where the blessed package should be stored. This file may be stored on a local or a remote file system. It can also be specified in the UNC format, such as “\\avserver5\defpackages\00000257\temp.exe”. The directory or file name could have spaces or special characters in it.
  259.  
  260. $previousSequence is the sequence number of the blessed definition package which is already available in the analysis center. This function will try to get a blessed definition package that has superceded this value.
  261.  
  262. Return values
  263. This function returns the result as a list. The returned list will have two values in it.
  264. The first value $status in the list will be the status of the performed operation as shown below.
  265.  
  266. OK - If the blessed definition package has been successfully obtained.
  267. Fail - If the current blessed definition package has not changed.
  268. Error - All other errors. (HTTP server down, Perforce system down etc.)
  269.  
  270. The second value $blessedSequence in the list will be the sequence number of the current blessed definition package gotten, or NULL if the current blessed package has not changed.
  271.  
  272. See Also
  273. GetBuiltPackage, GetNewestPackage
  274. Miscellaneous
  275.  
  276. This section briefly describes the steps involved in generating definitions from the Immune System analysis center.
  277.  
  278.  
  279.  
  280. i) Whenever a definition build needs to be done for a sample, the analysis center client will make a ‘lock’ request to lock the definition generation service. If a lock has been obtained successfully, the analysis center client will issue a ‘Incremental build’ request to the Symantec definition generation service. This request will provide the definition source strings as input to the definition generation service. For the Incremental build, the output files of the previously finished full build will be used as the base.
  281.  
  282. ii) Analysis center client will query the definition generation service periodically to get the incremental build results.
  283.  
  284. iii) When the incremental build is done, the analysis center client will get the newly built definition package using the GetBuiltPackage () function. For the initial release of the Immune System release, the analysis center client will get a package (Fat Albert) containing the modified ‘virscanX.dat’ files and all other files from the most recent FULL build.
  285.  
  286. iv) After receiving the incremental build results, a unit test will be done inside the analysis center.
  287.  
  288. v) Based on the unit test results, analysis center client will issue a ‘Full build’ request to the definition generation service. At this time, the definition generation service will increment the definition sequence number, commit the unit tested definitions to the Perforce source control management system and do a final FULL build using the successfully unit tested definition source strings.
  289.  
  290. vi) The analysis center client will query the definition generation service periodically for the final build results.
  291.  
  292. vii) When the final build is complete, the analysis center client will get the definition package resulting from the full build.
  293.  
  294. viii) The analysis center client will unit test the final FULL build results. If the unit test succeeds, the lock acquired on the definition generation service will be released and the newly built definition package will be distributed to the customers. If the unit test fails, the analysis center client sends an alert and stops holding the definition generation service lock until the SARC engineers handle this error manually.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement