Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Anti-virus Scan of Programatic Memory Stream

Posted on 2006-07-11
3
Medium Priority
?
258 Views
Last Modified: 2013-12-04
We are working on a web-based content management solution that allows for uploading files to a database environment.  Files are only written to the hard drive in encrypted fashion, and when decrypted later any virus-laden file can be caught due to temporary writes, but we'd rather trap the file on the way in if it is carrying a virus.  So far the only potential solutions I've been able to find have written files to temporary storage, scanned through the command-line, and checked the error code, but surely there's a better mechanism to allow the scanning of a Windows memory stream.  Any ideas?
0
Comment
Question by:wtr666
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 12

Accepted Solution

by:
Phil_Agcaoili earned 2000 total points
ID: 17106000
What you have described is a current vulnerability of modern Antivirus solutions.

To deceive virus scanners which filter incoming messages and downloads, more and encrypted archives are delivered to bypass scanning engines. It is impossible for current virus scanners to decide if a virus is contained in an excrypted archive, therefore e-mails or downloaded files with an encrypted or password protected archive attachments are are rendered useless to prevent security risks.

What you are suggesting in the temp space is the best solution I've seen so far to mitigate this issue because even in the memory stream, the files need to be decrypted.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question