Jump to content

Policy Module ftp as endpoint update


Recommended Posts

Hi,

Good Day! I would like to ask about Malwarebytes Management Console Policy Module Updater.

Please see the attached file for your reference.

I want to use Download From Custom Path feature. But i don't know how?

How can i configure this? what files should i share? what files should i load? how can i make a path?

If this is easy to do please don't belittle me, enlighten me.

thank you for your help. :)

Link to post
Share on other sites

  • Staff

Hello, if you mean for the alternate update location, this feature is kind of unruly and not easy to manage. These signature changes happen 6-18+ times a day. You must do this manually each time you wish to create this offline update location.

You'll first need to visit this link - http://data-cdn.mbamupdates.com/v1/database/rules/version.chk - copy the signature version number and paste it into a notepad and name it version.chk. That will give you the version for that moment and have you create the version.chk file the program will need.

Copy and paste these URLs into a different notepad...

http://data-cdn.mbamupdates.com/v1/database/rules/data/rules.vYYYY.MM.DD.ver.ref
http://data-cdn.mbamupdates.com/v1/database/rules/data/rules.vYYYY.MM.DD.ver.ref.yaml

Edit out the vYYYY.MM.DD.ver and replace it with the signature version number you copied earlier. For today 11/22/2016, 9:56am Pacific, the signature is v2016.11.22.09, so the links would be edited to...

http://data-cdn.mbamupdates.com/v1/database/rules/data/rules.v2016.11.22.09.ref
http://data-cdn.mbamupdates.com/v1/database/rules/data/rules.v2016.11.22.09.ref.yaml

Navigate to these links, they will invoke a download. Save the rules.v2016.11.22.09.ref and rules.v2016.11.22.09.ref.yaml files to a folder named "data" (must be named data!), place the data folder and the version.chk together in your alternate location. Note this example has the required data folder under a directory also named data, this is not necessary, the root can be named anything you want as long as the .ref  and .ref.yaml are in a folder named data placed next to version.chk.

offline location folder.JPG

This shared alternate location requires that "everyone" has permission to this location. If the shared folder has been set up correctly and specified in the policy to download from it, then you should see in the client log (%ProgramData%\sccomm\sccomm.log) that the client pulled the signature update from the location that was specified in the policy.

offline location.JPG

If the share was not set up correctly, you will see errors in the log. In this case, the .erf and .ref.yaml files were placed inside the shared folder without being in the data folder, therefore the MEE Client could not find the database files.

offline location II.JPG

I hope that helps!

Link to post
Share on other sites

  • 4 months later...

Hi Dyllon

i just want to say thank you for your support. i found out how to download the updates in one click

please see the attached file. hope this will help you guys and other people there looking for easy way to download signature updates

you must rename the file extension from .txt to .ps1 and run it as administrator.

it downloads signature updates and place it to C:/Data/Data

Thanks!

-Kurt

downloadupdates.txt

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.