Solved

Anti-virus Scan of Programatic Memory Stream

Posted on 2006-07-11
3
244 Views
Last Modified: 2013-12-04
We are working on a web-based content management solution that allows for uploading files to a database environment.  Files are only written to the hard drive in encrypted fashion, and when decrypted later any virus-laden file can be caught due to temporary writes, but we'd rather trap the file on the way in if it is carrying a virus.  So far the only potential solutions I've been able to find have written files to temporary storage, scanned through the command-line, and checked the error code, but surely there's a better mechanism to allow the scanning of a Windows memory stream.  Any ideas?
0
Comment
Question by:wtr666
3 Comments
 
LVL 12

Accepted Solution

by:
Phil_Agcaoili earned 500 total points
ID: 17106000
What you have described is a current vulnerability of modern Antivirus solutions.

To deceive virus scanners which filter incoming messages and downloads, more and encrypted archives are delivered to bypass scanning engines. It is impossible for current virus scanners to decide if a virus is contained in an excrypted archive, therefore e-mails or downloaded files with an encrypted or password protected archive attachments are are rendered useless to prevent security risks.

What you are suggesting in the temp space is the best solution I've seen so far to mitigate this issue because even in the memory stream, the files need to be decrypted.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question