Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

reliability of pdf sources online

Posted on 2014-01-08
4
Medium Priority
?
362 Views
Last Modified: 2014-02-22
is there an online tool that can verify for me that these downloads are proper and won't try to bring malwares when opening the pdf?

thanks-

[Links to illegal ebook download sites removed by MASQ]
0
Comment
Question by:25112
3 Comments
 
LVL 18

Accepted Solution

by:
Steven Harris earned 2000 total points
ID: 39765192
You can use a Virus/Malware URL Scanner such as https://www.virustotal.com/#url
0
 
LVL 5

Author Comment

by:25112
ID: 39765730
very helpful! thanks-
0
 
LVL 39

Expert Comment

by:BillDL
ID: 39879162
Hello 25112

I was just browsing around some old questions and found this.  I know it is answered already, but I thought I would just add some additional information for you to consider.

You can embed malicious content into just about any kind of file, but that does not necessarily mean that the malicious content will be activated when the file is opened normally.  Usually what happens is that the malicious content takes advantage of a vulnerability in the software that opens the file, or the manner in which the operating system allows that program to open files.

One of the tricks used to spread malware via PDF files is to deliberately create a "malformed" PDF file that crashes Adobe Acrobat Reader and then runs some processes with the temporary data in the computer's memory or using a temporary file that has been created.  You can't really know in advance if a PDF file is malformed, although virus scanners might be able to see traces of known "bad code" inside the file.  Most virus scanners also check for unusual activity that falls into a pattern of behaviour that appears to be suspicious or is already known to be suspicious.

One way that you can mitigate (lessen) the chances of malicious files being able to do their dirty work is to disable some of the features in the software that opens those types of files.

For example, two of the settings in Adobe Acrobat Reader that are enabled by default (Edit menu > Preferences) are to allow JavaScript and to allow the opening of external programs from hyperlinks.

Having to look through and check the settings in all the different sections of the Preferences dialog:
Commenting, Documents, Full Screen, General, Page Display, 3D & Multimedia, Accessibility, Adobe Online Services, Email Accounts, Forms, Identity, Internet, JavaScript, Language, Measuring (2D), Measuring (3D), Measuring (Geo), Multimedia (legacy), Multimedia Trust (legacy), Reading, Reviewing, Search, Security, Security (Enhanced), Signatures, Spelling, Tracker, Trust Manager, Units, and Updater
puts people off checking them, but I would urge you to change some of them.  Some settings are not security-related and some may be meaningless to you, but at the very least change these settings:

JavaScript - Untick "enable acrobat javascript"
Trust Manager - Untick "allow opening of non-pdf file attachments in external applications".

Check them again whenever Adobe Acrobat Reader updates.

In general you are better to save PDF files to the hard drive and then open them.  By default PDF files will open using the reader plugin right inside the browser window.  Because theis has been allowed, certain activity that would not normally be permitted by the browser is ignored.  This setting is in a different place for different browsers.  I'm only using Firefox for now, and the setting is under Tools menu > Options > Applications > "Portable Document Format (PDF)" > set it to "Always Ask".

Of course, these security-related settings will not stop you from getting all malware, but it may prevent you from getting some of it.

Just some additional info for you.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Choosing the right mix of apps is very much necessary for CPAs for making the most of the latest technology through which they can boost their growth.
There are literally thousands of Exchange recovery applications out there. So how do you end up picking one that’s ideal for your business & purpose? By carefully scouting the product’s features, the benefits it offers you, & reading ample reviews f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question