I have some application. User can upload files, i save it on disk, and return it, when user want. I need implement some protection for uploaded files for viruses. I found 3 solutions for this problem: Use online antiviruses Install antivirus on my server and check uploaded file from command line Integrate antivirus by sdk or api. I don't like first solution, because i send my files and private info for other server. Second solution i think is best, but i don't know how correctly implement it. Last solution good, but i can't find any good and famous antiviruses, who has java api. Please, give me some direction for solve this problem. Mb some advice or literature. What is best way for solve it?

Reputation: 328

Checking uploaded files for viruses

I have some application. User can upload files, i save it on disk, and return it, when user want. I need implement some protection for uploaded files for viruses. I found 3 solutions for this problem:

Use online antiviruses
Install antivirus on my server and check uploaded file from command line
Integrate antivirus by sdk or api.

I don't like first solution, because i send my files and private info for other server. Second solution i think is best, but i don't know how correctly implement it. Last solution good, but i can't find any good and famous antiviruses, who has java api.

Please, give me some direction for solve this problem. Mb some advice or literature. What is best way for solve it?

Upvotes: 14

Answers (2)

Riadh

Reputation: 1206

The online AntiVirus ClamAV: https://github.com/cdarras/clamav-client is a good one.

If you use Linux/Mac, the online AV should be sufficient. If you use windows, you should also, install an antivirus on your server.

Upvotes: 3

Dushyant Singh

Reputation: 41

First, you have to check what kind of API does your installed antivirus software provides.

If there is any Java API provided (like AVG API) then you have to use it as below:

public void scanFile(byte[] fileBytes, String fileName)
   throws IOException, Exception {
   if (scan) {
      AVClient avc = new AVClient(avServer, avPort, avMode);
      if (avc.scanfile(fileName, fileBytes) == -1) {
         throw new VirusException("WARNING: A virus was detected in
            your attachment: " + fileName + "<br>Please scan
            your system with the latest antivirus software with
            updated virus definitions and try again.");
      }
   }
}

If no Java API is provided by the installed antivirus software, then you can still invoke it using command line, as below:

String[] commands =  new String[5];
                  commands[0] = "cmd";
                  commands[1] = "/c";
                  commands[2] = "C:\\Program Files\\AVG\\AVG10\\avgscanx.exe";
                  commands[3] = "/scan=" + filename;
                  commands[4] = "/report=" + virusoutput;


                 Runtime rt = Runtime.getRuntime();
                 Process proc = rt.exec(commands);

There is an interesting article for your reference: Implementing an Anti-Virus File Scan in JEE Applications

Hope this helps you.

Upvotes: 4

Checking uploaded files for viruses

Answers (2)

Related Questions