Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1073 Views 8 Replies Latest reply: Feb 10, 2012 5:13 AM by dmease729 RSS
dmease729 Champion 267 posts since
Jul 22, 2011
Currently Being Moderated

Feb 9, 2012 4:56 AM

Are folder exclusions recursive?

Hi,

 

Quick questions off the back of KB50998:

 

1) If I exclude c:\dir1\dir2\ does that exclude every file in that directory only, or everything in subdirectories recursively? ie:

     - c:\dir1\dir2\hello.txt     is excluded

     - c:\dir1\dir2\dir3\helloagain.txt     excluded?

 

2) If it *isnt* recursive, is the correct syntax to make it recursive c:\dir1\dir2\** or c:\dir1\dir2\**\ (i would go with former at a guess)

 

3) If it *is* recursive, what would be the best way to exclude everything *except* a given directory, if directory names under the configured excluded directory are subject to change, ie:

     - I want to exclude everything under c:\dir1\dir2\ *except* c:\dir1\dir2\dangerdir\

     - Subdirectory names can be random and are unknown at exception configuration time, so a folder called c:\dir1\dir2\thisisrandom2746\ could be created, and I do not want to scan this folder, and folders like this.

 

I have a feeling that 1 is 'yes', so question 3 holds, but just thought I would run a quick sanity check! 

 

cheers,

  • Attila Polinger Veteran 1,161 posts since
    Dec 8, 2009
    Currently Being Moderated
    1. Feb 9, 2012 7:25 AM (in response to dmease729)
    Re: Are folder exclusions recursive?

    Hello,

     

    If I exclude c:\dir1\dir2\ does that exclude every file in that directory only, or everything in subdirectories recursively? ie:

         - c:\dir1\dir2\hello.txt     is excluded

         - c:\dir1\dir2\dir3\helloagain.txt     excluded?

    in my opinion: fc:\dir1\dir2\ exludes all files in this folder but not any subfolders unless you ticked the "Exclude subfolders" option, or maybe, specified the string to exclude as "C:\dir1\dir2\**\" (without specifying the "Exclude subfolders" option).

     

    The ** in this example "should" mean also the subfolder root pointer and any subfolder underneath.

     

    Attila

  • Attila Polinger Veteran 1,161 posts since
    Dec 8, 2009
    Currently Being Moderated
    3. Feb 10, 2012 12:26 AM (in response to dmease729)
    Re: Are folder exclusions recursive?

    Hi,

     

    that is not easy: I think you need to account of any fixed folder names in the exclusion as well as files and specify the entire exclusion as a set of combination of these, like this:

     

    c:\dir1\dir2\ with no Exclude subfolders

    c:\dir1\dir2\stablefolder1\ with exclude subfolders if needed or with a **\ suffix

    c:\dir1\dir2\stablefolder2\ with exclude subfolders if needed or with a **\ suffix

    etc.

     

    I've had just an identical situation in the case of a SCCM exclusion need where luckily we had just a few stable folder (along with several changing ones) names which was not very hard to explicitly specify. To my knowledge there is not a simple way of telling to not exclude a given subfolder once you've excluded everything around it. Or you could use wildcards if the changing names show some pattern.

     

    Maybe you could use low and high risk processes and specify exclusion.

     

    If there are files with patterns in their extension or names under the changing folder names, then using high risk processes, specify the process that creates them and add them to the files to scan in a separate OAS policy for this high risk process, while you exclude the folders in the normal or low risk OAS policy.

     

    Attila

  • Attila Polinger Veteran 1,161 posts since
    Dec 8, 2009
    Currently Being Moderated
    5. Feb 10, 2012 4:00 AM (in response to dmease729)
    Re: Are folder exclusions recursive?

    The whole scenario will be blown when Visuscan is presented with file paths such as Device\Harddisk1\etc. You then need to start over .

  • Attila Polinger Veteran 1,161 posts since
    Dec 8, 2009
    Currently Being Moderated
    7. Feb 10, 2012 4:52 AM (in response to dmease729)
    Re: Are folder exclusions recursive?

    Just before doing so, pls review these:

     

    KB61143 KB61000 and KB67648

     

    Attila

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points