Since such limitations might easily make the service you provide unsuitable for several users you might at least try to limit the impact of such files by requiring manual action of the user before downloading the file, i.e. This includes any kind of executable files but also office documents or PDF files. You should also severely limit the types of files you allow for upload and not allow any types which typically contain malware. To detect most of the malware you better combine several engines and tune them so they prefer more false positives instead of let some malware through. Also ClamAV relies on the community to develop the product and keep it up-to-date and does not have the manpower and the access to new threats as commercial vendors do.īut commercial vendors miss a lot of new malware too. One reason is that malware authors can easily tune their malware to bypass the detection algorithms ClamAV uses, since these algorithms are publicly known (open software). While ClamAV is free its detection rate is not very good compared to the better commercial antivirus solutions. Using ClamAV, we scan every file for viruses after it is uploaded and before it can be downloaded. Services which allow larger files might be especially attractive since lots of commercial firewall vendors severely limit the size of the files they scan and let everything else pass through. They are looking for services which are not (yet) in some kind of blacklists so the chances are higher that their malware can reach the target. Unfortunately these kind of services get easily abused by anybody which likes to spread malware. Probably because there is or was malware on this site. Why does Google Safe Browsing keep detecting malware on my website? Hopefully with the help of this new anti-virus solution my server never ever again serves as a virus source. So the ClamAV detection rate seems to be a lot lower than the one of Sophos. I've installed "Sophos Server Security" on the server in question and see lots and lots of malicious uploads being deleted by Sophos now. These files are all scaned and detected as virus-free. We also do provide Windows and Mac clients. (If this is possible at all, even Dropbox or Google itself are listed there)Īs Schroeder says, there may be other content on our site, not the files. I'm doing fundamental mistakes due to my limited knowledge of security architecture?ĭo you have any idea what to do in order to get a clean Google Safe Browsing track?.the used virus scanner is not good enough and lets some viruses pass?.Still I'm not sure why I cannot get my site to be "Google Safe Browsing clean". I've read through " What tools does the Google safe browsing service rely on?" and the linked resources. While my logs show that viruses/malware are detected from time-to-time, I also see that these files are downloaded zero times and are being deleted automatically as expected. the last time suspicious content was found on this site was on. Still Google Safe Browsing keeps detecting malware on our site: The file is deleted if a virus was found and a HTTP 404 is returned. We provide a freemium service to upload large files and download them later on.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |