Solved

Anti-virus Scan of Programatic Memory Stream

Posted on 2006-07-11
3
242 Views
Last Modified: 2013-12-04
We are working on a web-based content management solution that allows for uploading files to a database environment.  Files are only written to the hard drive in encrypted fashion, and when decrypted later any virus-laden file can be caught due to temporary writes, but we'd rather trap the file on the way in if it is carrying a virus.  So far the only potential solutions I've been able to find have written files to temporary storage, scanned through the command-line, and checked the error code, but surely there's a better mechanism to allow the scanning of a Windows memory stream.  Any ideas?
0
Comment
Question by:wtr666
3 Comments
 
LVL 12

Accepted Solution

by:
Phil_Agcaoili earned 500 total points
ID: 17106000
What you have described is a current vulnerability of modern Antivirus solutions.

To deceive virus scanners which filter incoming messages and downloads, more and encrypted archives are delivered to bypass scanning engines. It is impossible for current virus scanners to decide if a virus is contained in an excrypted archive, therefore e-mails or downloaded files with an encrypted or password protected archive attachments are are rendered useless to prevent security risks.

What you are suggesting in the temp space is the best solution I've seen so far to mitigate this issue because even in the memory stream, the files need to be decrypted.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now