diff options
author | mboelen <michael@cisofy.com> | 2015-04-01 15:22:53 +0300 |
---|---|---|
committer | mboelen <michael@cisofy.com> | 2015-04-01 15:22:53 +0300 |
commit | c2bbf4a0a7971e9846515f7c52b439e81e6a6e35 (patch) | |
tree | 6bd5b4a21f1ea77469836583976d29b6fd151b20 /include/tests_malware | |
parent | 003d4857bbe676c180322177ddad57976ad11181 (diff) |
Improved detection for McAfee anti-virus (cma)
Diffstat (limited to 'include/tests_malware')
-rw-r--r-- | include/tests_malware | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/include/tests_malware b/include/tests_malware index 340133a6..c7744dda 100644 --- a/include/tests_malware +++ b/include/tests_malware @@ -66,9 +66,17 @@ Register --test-no MALW-3280 --weight L --network NO --description "Check for clamscan" if [ ${SKIPTEST} -eq 0 ]; then FOUND=0 - logtext "Test: checking process cmdagent (McAfee)" - IsRunning cmdagent - if [ ${RUNNING} -eq 1 ]; then + MCAFEE_RUNNING=0 + logtext "Test: checking process cma or cmdagent (McAfee)" + # cma is too generic to match on, so we want to ensure that it is related to McAfee first + if [ -x /opt/McAfee/cma/bin/cma ]; then + IsRunning cma + if [ ${RUNNING} -eq 1 ]; then MCAFEE_RUNNING=1; fi + else + IsRunning cmdagent + if [ ${RUNNING} -eq 1 ]; then MCAFEE_RUNNING=1; fi + fi + if [ ${MCAFEE_RUNNING} -eq 1 ]; then FOUND=1 Display --indent 2 --text "- Checking McAfee" --result "FOUND" --color GREEN logtext "Result: Found McAfee" |