Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

reliability of pdf sources online

Posted on 2014-01-08
4
Medium Priority
?
358 Views
Last Modified: 2014-02-22
is there an online tool that can verify for me that these downloads are proper and won't try to bring malwares when opening the pdf?

thanks-

[Links to illegal ebook download sites removed by MASQ]
0
Comment
Question by:25112
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 18

Accepted Solution

by:
Steven Harris earned 2000 total points
ID: 39765192
You can use a Virus/Malware URL Scanner such as https://www.virustotal.com/#url
0
 
LVL 5

Author Comment

by:25112
ID: 39765730
very helpful! thanks-
0
 
LVL 38

Expert Comment

by:BillDL
ID: 39879162
Hello 25112

I was just browsing around some old questions and found this.  I know it is answered already, but I thought I would just add some additional information for you to consider.

You can embed malicious content into just about any kind of file, but that does not necessarily mean that the malicious content will be activated when the file is opened normally.  Usually what happens is that the malicious content takes advantage of a vulnerability in the software that opens the file, or the manner in which the operating system allows that program to open files.

One of the tricks used to spread malware via PDF files is to deliberately create a "malformed" PDF file that crashes Adobe Acrobat Reader and then runs some processes with the temporary data in the computer's memory or using a temporary file that has been created.  You can't really know in advance if a PDF file is malformed, although virus scanners might be able to see traces of known "bad code" inside the file.  Most virus scanners also check for unusual activity that falls into a pattern of behaviour that appears to be suspicious or is already known to be suspicious.

One way that you can mitigate (lessen) the chances of malicious files being able to do their dirty work is to disable some of the features in the software that opens those types of files.

For example, two of the settings in Adobe Acrobat Reader that are enabled by default (Edit menu > Preferences) are to allow JavaScript and to allow the opening of external programs from hyperlinks.

Having to look through and check the settings in all the different sections of the Preferences dialog:
Commenting, Documents, Full Screen, General, Page Display, 3D & Multimedia, Accessibility, Adobe Online Services, Email Accounts, Forms, Identity, Internet, JavaScript, Language, Measuring (2D), Measuring (3D), Measuring (Geo), Multimedia (legacy), Multimedia Trust (legacy), Reading, Reviewing, Search, Security, Security (Enhanced), Signatures, Spelling, Tracker, Trust Manager, Units, and Updater
puts people off checking them, but I would urge you to change some of them.  Some settings are not security-related and some may be meaningless to you, but at the very least change these settings:

JavaScript - Untick "enable acrobat javascript"
Trust Manager - Untick "allow opening of non-pdf file attachments in external applications".

Check them again whenever Adobe Acrobat Reader updates.

In general you are better to save PDF files to the hard drive and then open them.  By default PDF files will open using the reader plugin right inside the browser window.  Because theis has been allowed, certain activity that would not normally be permitted by the browser is ignored.  This setting is in a different place for different browsers.  I'm only using Firefox for now, and the setting is under Tools menu > Options > Applications > "Portable Document Format (PDF)" > set it to "Always Ask".

Of course, these security-related settings will not stop you from getting all malware, but it may prevent you from getting some of it.

Just some additional info for you.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question