Server side virus scanning

Here are my results for ClamAV when tested against known viruses (the problem is, none of these should have passed):

+-----------+------------------------------+
|  Results  |             File             |
+-----------+------------------------------+
| infected  | AdvancedXPFixerInstaller.exe |
| pass      | auto.exe                     |
| pass      | cartao.exe                   |
| infected  | cartoes_natal.exe            |
| pass      | codec.exe                    |
| pass      | e421.exe                     |
| pass      | fixtool.exe                  |
| infected  | flash_install.exe            |
| infected  | issj.exe                     |
| infected  | iwmdo.exe                    |
| infected  | jobxxc.exe                   |
| infected  | kbmt.exe                     |
| pass      | killer_cdj.exe               |
| pass      | killer_javqhc.exe            |
| infected  | killer_rodog.exe             |
| infected  | kl.exe                       |
| infected  | MacromediaFlash.exe          |
| infected  | MacromediaFlashPlayer.exe    |
| infected  | paraense.exe                 |
| infected  | pibzero.exe                  |
| pass      | scan.exe                     |
| pass      | uaqxtg.exe                   |
| pass      | vejkcfu.exe                  |
| infected  | VIDeoSS.exe                  |
| infected  | wujowpq.exe                  |
| pass      | X-IrCBOT.exe                 |
+-----------+------------------------------+

I would have a look at Clam AntiVirus. It provides a clamscan program that can scan a given file and return a pass/fail indication. It's free and automatically updates its database regularly.

As for integrating such a product into your file upload process, that would be specific to whatever file upload process you actually use.

Tags:

Linux

Server Side

Antivirus

Recent Posts