Checking web uploads for malware

Pohdinto

My client hosts a web application which receives a number of attachments from its users. The attachments are available to a group of users, which requires us to implement a malware check on the server end. Only PDF and JPG files are accepted, so we don't need to run scans on exe files. Most of the users use Windows, but the servers run on Linux. The attachments go directly to an Oracle database.

 

1) Can we scan a blob in Oracle DB or memory, can we stream it to the scanner software, or do we need to write the file on disc first?

 

2) Can we use F-Secure Anti-Virus on Linux to scan PDF and JPG files to find malware targetted for Windows (and other platforms?)

 

3) Is PDF malware platform dependent or it triggers on any platform while using an outdated Adobe Reader?

 

Thanks for any help.

 

-- Eki

 

Gary

Hi Pohdinto,

 

1) Can we scan a blob in Oracle DB or memory, can we stream it to the scanner software, or do we need to write the file on disc first?

> The Oracle database file and the memory will not be scan, however it's temporary file will be scanned as a normal file. F-Secure Linux Security does not have network protection layer, hence malware will be stopped at disc layer.

 

2) Can we use F-Secure Anti-Virus on Linux to scan PDF and JPG files to find malware targeted for Windows (and other platforms?)

> Yes, Windows malware can be detect on Linux OS using F-Secure Linux Security.

 

3) Is PDF malware platform dependent or it triggers on any platform while using an outdated Adobe Reader?

> PDF malware uses Adobe vulnerability in order to take advantage and to do code execution on the system, therefore users are advice to install the latest version of Adobe software at all time.