Checking web uploads for malware

Novice

Checking web uploads for malware

My client hosts a web application which receives a number of attachments from its users. The attachments are available to a group of users, which requires us to implement a malware check on the server end. Only PDF and JPG files are accepted, so we don't need to run scans on exe files. Most of the users use Windows, but the servers run on Linux. The attachments go directly to an Oracle database.

 

1) Can we scan a blob in Oracle DB or memory, can we stream it to the scanner software, or do we need to write the file on disc first?

 

2) Can we use F-Secure Anti-Virus on Linux to scan PDF and JPG files to find malware targetted for Windows (and other platforms?)

 

3) Is PDF malware platform dependent or it triggers on any platform while using an outdated Adobe Reader?

 

Thanks for any help.

 

-- Eki

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Former F-Secure Employee

Re: Checking web uploads for malware

Hi Pohdinto,

 

1) Can we scan a blob in Oracle DB or memory, can we stream it to the scanner software, or do we need to write the file on disc first?

> The Oracle database file and the memory will not be scan, however it's temporary file will be scanned as a normal file. F-Secure Linux Security does not have network protection layer, hence malware will be stopped at disc layer.

 

2) Can we use F-Secure Anti-Virus on Linux to scan PDF and JPG files to find malware targeted for Windows (and other platforms?)

> Yes, Windows malware can be detect on Linux OS using F-Secure Linux Security.

 

3) Is PDF malware platform dependent or it triggers on any platform while using an outdated Adobe Reader?

> PDF malware uses Adobe vulnerability in order to take advantage and to do code execution on the system, therefore users are advice to install the latest version of Adobe software at all time.

Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.

View solution in original post

1 REPLY 1
Highlighted
Former F-Secure Employee

Re: Checking web uploads for malware

Hi Pohdinto,

 

1) Can we scan a blob in Oracle DB or memory, can we stream it to the scanner software, or do we need to write the file on disc first?

> The Oracle database file and the memory will not be scan, however it's temporary file will be scanned as a normal file. F-Secure Linux Security does not have network protection layer, hence malware will be stopped at disc layer.

 

2) Can we use F-Secure Anti-Virus on Linux to scan PDF and JPG files to find malware targeted for Windows (and other platforms?)

> Yes, Windows malware can be detect on Linux OS using F-Secure Linux Security.

 

3) Is PDF malware platform dependent or it triggers on any platform while using an outdated Adobe Reader?

> PDF malware uses Adobe vulnerability in order to take advantage and to do code execution on the system, therefore users are advice to install the latest version of Adobe software at all time.

Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.

View solution in original post