Solved

reliability of pdf sources online

Posted on 2014-01-08
4
334 Views
Last Modified: 2014-02-22
is there an online tool that can verify for me that these downloads are proper and won't try to bring malwares when opening the pdf?

thanks-

[Links to illegal ebook download sites removed by MASQ]
0
Comment
Question by:25112
4 Comments
 
LVL 18

Accepted Solution

by:
Steven Harris earned 500 total points
ID: 39765192
You can use a Virus/Malware URL Scanner such as https://www.virustotal.com/#url
0
 
LVL 5

Author Comment

by:25112
ID: 39765730
very helpful! thanks-
0
 
LVL 38

Expert Comment

by:BillDL
ID: 39879162
Hello 25112

I was just browsing around some old questions and found this.  I know it is answered already, but I thought I would just add some additional information for you to consider.

You can embed malicious content into just about any kind of file, but that does not necessarily mean that the malicious content will be activated when the file is opened normally.  Usually what happens is that the malicious content takes advantage of a vulnerability in the software that opens the file, or the manner in which the operating system allows that program to open files.

One of the tricks used to spread malware via PDF files is to deliberately create a "malformed" PDF file that crashes Adobe Acrobat Reader and then runs some processes with the temporary data in the computer's memory or using a temporary file that has been created.  You can't really know in advance if a PDF file is malformed, although virus scanners might be able to see traces of known "bad code" inside the file.  Most virus scanners also check for unusual activity that falls into a pattern of behaviour that appears to be suspicious or is already known to be suspicious.

One way that you can mitigate (lessen) the chances of malicious files being able to do their dirty work is to disable some of the features in the software that opens those types of files.

For example, two of the settings in Adobe Acrobat Reader that are enabled by default (Edit menu > Preferences) are to allow JavaScript and to allow the opening of external programs from hyperlinks.

Having to look through and check the settings in all the different sections of the Preferences dialog:
Commenting, Documents, Full Screen, General, Page Display, 3D & Multimedia, Accessibility, Adobe Online Services, Email Accounts, Forms, Identity, Internet, JavaScript, Language, Measuring (2D), Measuring (3D), Measuring (Geo), Multimedia (legacy), Multimedia Trust (legacy), Reading, Reviewing, Search, Security, Security (Enhanced), Signatures, Spelling, Tracker, Trust Manager, Units, and Updater
puts people off checking them, but I would urge you to change some of them.  Some settings are not security-related and some may be meaningless to you, but at the very least change these settings:

JavaScript - Untick "enable acrobat javascript"
Trust Manager - Untick "allow opening of non-pdf file attachments in external applications".

Check them again whenever Adobe Acrobat Reader updates.

In general you are better to save PDF files to the hard drive and then open them.  By default PDF files will open using the reader plugin right inside the browser window.  Because theis has been allowed, certain activity that would not normally be permitted by the browser is ignored.  This setting is in a different place for different browsers.  I'm only using Firefox for now, and the setting is under Tools menu > Options > Applications > "Portable Document Format (PDF)" > set it to "Always Ask".

Of course, these security-related settings will not stop you from getting all malware, but it may prevent you from getting some of it.

Just some additional info for you.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Free HD cloner 11 60
User having issues with opening files Server 2012 5 34
EDI Solution or comparable? 2 33
huntsy malware cant be removed with sophos 2 17
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
Employees depend heavily on their PCs, and new threats like ransomware make it even more critical to protect their important data.
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question