Scanning of file for virus when file upload is used in an HTML form

Posted on 2006-04-20
Last Modified: 2013-12-04
I hope that I put this in the correct category, but here goes. On my company's website we have a page for the HR department that allows people to apply for jobs. On the form (no scripts are running), which was created through FrontPage, we have a section to paste your resume. Once the form is submitted and emailed to the designated email address, all formatting is (obviously) lost because of the text box that is used to paste the resume in. At the request of my HR department, they would like to have the resumes uploaded, so all formatting is intact. My concern is what type of security risk this runs for viruses. Are the files scanned RIGHT AWAY after the file is completely uploaded, or do we have to wait until the daily scan set in the configuration of the antivirus program? We are using Symantec Antivirus Corp Edition 10. Thank you all for your help in this matter!!!!
Question by:mystics7

    Accepted Solution

    Symantec scans files ON ACCESS. Norton antivirus (Symantec) uses a file system filter driver (like all mainstream AV software) to read a file while it's being loaded in memory. If there is something nasty in it, the filestream will be closed before anything bad can happen.

    If the applicant's resume is being pasted in as plain text, there is no formatting being lost because there IS NONE. Text documents are not formatted like HTML is (the reason we use HTML in webpages instead of txt documents). Just be wary of Word documents since they can contain VBS macros.

    Third, since the resume is fed in and then emailed to your HR department, most likely there is an AV product on the mail server scanning also, so if there was something malicious in the resume the mail server would catch it before it ever was sent to HR.

    Fourth, any scripting language used in an attack, like JS or VBS, would have to have an appropriate file extension in order for the correct interpreting engine to read and execute those instructions. For example, for VBS (Visual Basic Script) to harm you, the file would have to have a .vbs extension. VBS included in a .txt document is worthless. Now, VBS or JS could be interpreted if the received file was a .htm or .html file, but then again, the AV would catch that. I downloaded the Love Letter virus to take a look at it (it was in a .txt document) and my AV was STILL freaking out about it.....

    Hope I didn't confuse you.
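A server-side check that applies the answer's points about file extensions and Word macros to an upload form, as an added example that is not part of the original thread. The allowlist, the function names and the sample document are assumptions, and the check runs alongside the on-access and mail-server AV scans rather than replacing them.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed allowlist for a resume upload form; adjust to what HR actually accepts.
ALLOWED = {".txt", ".pdf", ".docx"}
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container
ZIP_MAGIC = b"PK\x03\x04"                      # .docx is a ZIP archive
PDF_MAGIC = b"%PDF-"


def check_resume_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for an uploaded resume before it is stored or mailed."""
    # Judge only the final extension so "resume.txt.vbs" is treated as .vbs.
    ext = PurePosixPath(filename.replace("\\", "/")).suffix.lower()
    if ext not in ALLOWED:
        return False, f"extension {ext or '(none)'} not allowed"
    if ext == ".pdf":
        ok = data.startswith(PDF_MAGIC)
        return ok, "ok" if ok else "content is not a PDF"
    if ext == ".txt":
        # A .txt upload must not be a renamed binary container or executable.
        if data.startswith((OLE_MAGIC, ZIP_MAGIC, PDF_MAGIC, b"MZ")) or b"\x00" in data:
            return False, "content is not plain text"
        return True, "ok"
    # .docx: must be a ZIP holding the Word main part and no VBA project part.
    if not data.startswith(ZIP_MAGIC):
        return False, "content is not an OOXML (ZIP) document"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = [n.lower() for n in zf.namelist()]
    except zipfile.BadZipFile:
        return False, "corrupt ZIP container"
    if any(n.endswith("vbaproject.bin") for n in names):
        return False, "document contains a VBA macro project"
    if "word/document.xml" not in names:
        return False, "ZIP is not a Word document"
    return True, "ok"


def make_sample_docx(with_macro: bool = False) -> bytes:
    """Build a constructed, minimal ZIP that mimics a .docx layout (sample input only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()
```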


    Author Comment

    Thank you very much for your quick reply; this sheds a lot of light on the situation. It was helpful and informative!!!!!!!
