Our web servers have Norton Anti-Virus running on them and you can't save a file to them that's infected then run the anti-virus software - because the file is scanned while being uploaded and if infected will be immediately quarantined and unavailable. The only approach I've seen after googling for a while is to store the files as a temporary file (with a.bin extension or similar) and use the command line to scan the file. CPMalScan will detect and block all kind of malware files uploaded via http and ftp. It has the highest detection rate compared all other malware scanners available for cpanel due to it’s intelligent scanner engine. Hackers heavily uses the vulnerabilities in the WordPress, Joomla and other CMS’s and upload malicious contents. But cPMalScan is able to detect and block it. It also has realtime/active scanning feature which automatically scan new files that are created in the user’s public_html folder. Hi, Thanks to show interest. R u understanding my problem? That what i mean to say? I mean that during upload a file, file must be scanned not on Client Side but on Server Side. And There Must be an error to me if server finds virus in it. And it must not be saved in the Server. That is the whole functionality i am trying my best to under stand the whole mecha nism. Is gona work for me. Hope u guys will continue to share some thing with me. OK - i haven't done this - but I can give you an idea of what you want to do. Client uploads the file I assume you got this working Your page calls a server process using the McAfee engine - I don't know how - it's in the system.process namespace and you probably pass it a commandline - something like server.process.start(' mcafee scan.exe', 'nameofnewfile') - then you need to figure out what the scan engine returns if it finds a virus ( google mcafee scan commandline) if it passes - then continue with your program HTH. Here is some code to play with - I know it is not the 'proper way' - for instance if 2 people do it at the same time, it will probably fail to work as expected. Mcafee has a command line switch /REPORT which generates a report of the scan. I read that file and look for the word 'Found' (if a virus is detected- the file will say Found *name of virus* etc.) if the word found is located - you need to tell the person a virus was found. The timing stuff is crude too. There has to be a more elegant way to do this - but you might find this a good start - not a solution. Coffe - ASP.Net is server-side only there is no way to tell the client what to do from the server end McAffee would need to be installed on the client to do that This post was about scanning the file at the server after it has been uploaded if you download and extract the sdat file from mcaffee ( which you're supposed to have a license to do - but the download works ) you can then call the macaffee scan command - and passit the newly uploaded file as a parameter of command line the code in an earlier post shows that. You need to read a bit more on what.Net is and what it does.Net is a server technology when discussing web applications ( Like an IIS plugin ) It is a client application when talking about wndows forms ( or service etc.) You - the developer - develops an interface to control say McAfee You should put together what you need to know to solve your problem - and start a new thread with a good description of what you need help with To use McAfee on the server - to scan files that are uploaded to server - the above caode should get you started. It shows how to start a process on the server. ![]() If you want to create some windows forms based front-end to McAfee - I don't think that would be legal, but I could be wrong - besides, why would you create an app that wraps somebody elses program in a.Net front-end, McAfee would have to already be installed ( and therefor ready to use ) already Hope that clears it up some. I dealt with this very issue about 4 months ago. Our web servers have Norton Anti-Virus running on them and you can't save a file to them that's infected then run the anti-virus software - because the file is scanned while being uploaded and if infected will be immediately quarantined and unavailable. Our security policy doesn't allow files to be uploaded to a non-secure (i.e. Non-scanned) area. Norton doesn't have APIs, but one can read the log to find out why the file was quarantined. It comes down to either having the file saved to disk for processing or not having the file saved for processing (and then determining why you don't have it after initiating the SaveAs function - this is when you would check the Virus log). I decided not to check the log and just indicate to the user that the file didn't upload and that a virus may be the reason for not receiving the file - not using the log because of time constraints to develop the code, and that the user base is trustworthy. Hope this helps. I need to add a couple of more points. Anit-virus software (AVS) usually has multiple options regarding what to do with an infected file. So any handling of an infected file (IF) will be dependent on the AVS settings. Scan Uploaded Files For Viruses Php Programming TutorialCheck with your web server specialists or network server support. That said, Norton's AVS when set to quarantine IFs, will delete the file and hold it in quarantine (that's our setup at the moment). So I would then have to check the log to see if the file was actually quarantined. In my case, either I have the file at the end of the SaveAs or I don't. If I don't, then I assume it's been quarantined (because if the file is empty, I'll know that when I check the file size). How To Scan My Computer For VirusesWhat you do at the point of quarantine depends on your policy of handling users who send up infected files. Best would be to flag the IP address and domain and don't allow anyone from that IP address and/or domain to upload files. Then you'll need a routine to notify someone (via NT log, email, or console message - or all three) that so-and-so attempted to upload an infected file. Scan My Computer For Viruses Windows 10So on and so forth. Hope some of this helps.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |