F-Secure is treating

We have a standalone web application, in which for every URL request ( which calls CGI binary through system command), a new process is created. With this our application is working fine in normal environment. But in some systems where F-Secure anti-virus program is running there our application is extremely slow and

It is reporting the web application thinking as if it is a virus.

Can you please help what are the situations that makes my web application to be treated as VIRUS?

 

Will digital signature of our binary will help us from AV programs?

Accepted Answer

Comments

  • navvi
    navvi Posts: 4

    Hi,

     

    Actually in our application we have designed one web application which will be using 3 cgi-components for each request and F-Secure is scanning all the times and due to which the performance is very slow.

     

    Do I need to submit all these components or only my web application.

     

     

  • Jagadesan
    Jagadesan Posts: 129 Former F-Secure Employee

    Hi navvi,

    With regards to your problem, I would suggest you to send all the files so that we can whitelist those files from scanning.

    Thanks.

    Best Regards,
    Jagadesan

  • navvi
    navvi Posts: 4

    Hi,

     

    If we submit our binaries for one time if we upgarde our binaries then do we need to submit them again?

     

    This question was asked by my client.

     

    Does the digital signing of the binary does not have any effect on this type of issues?

     

     

  • Jagadesan
    Jagadesan Posts: 129 Former F-Secure Employee

    Hi nawi,

    With regards to your question, once the sum of the md5 have changed for the file you may need to send it again for whitelisting.

     

    Thanks.

    Best Regards,
    Jagadesan

  • navvi
    navvi Posts: 4

    If we procure digital certificate from the third party vendor will it help us from catching of binaries from anti virus program.

     

  • Jayson
    Jayson Posts: 595

    Hi navvi,

     

    Kindly submit the samples to our Security Lab as advised by Siltanen. Once you submitted the sample, our Analysts will check into it and advice you on how to prevent the false positive detections.

     

    Thanks.


    Best Regards,
    Jayson

This discussion has been closed.