Re: security risk with attachment - Any ideas?

Mon, 27 Aug 2012 00:39:53 -0700 

Hi,

I have found one thread on web
http://old.nabble.com/Re:-Virus-Scanning-Remedy-Attachments---p3614885.html


Which in short means:

We can make use of Filters that fire on Create/Modify that check to see if
there is a change in an attachment. 
The actions taken are

  1) Use special run process to Save the attachment to disk
        PERFORM-ACTION-SAVE-ATTACHMENT

  2) Use special run process to Add the attachment just saved back to the
system
        PERFORM-ACTION-ADD-ATTACHMENT

Virus checking software on server will check virus for saved attachment and
then we can load a "Scanned" copy of attachment.

HTH

--
Regards,
Ruksana

Vyom Labs Pvt. Ltd.
BSM Solutions & Services || ITIL Consulting & Training
Email: i...@vyomlabs.com  || Web Site: www.vyomlabs.com Follow Vyom Labs
http://twitter.com/#!/vyomlabs || http://www.linkedin.com/company/vyom-labs

-----Original Message-----
From: Action Request System discussion list(ARSList)
[mailto:arslist@ARSLIST.ORG] On Behalf Of pascale.sterr...@daimler.com
Sent: Thursday, August 23, 2012 9:57 PM
To: arslist@ARSLIST.ORG
Subject: security risk with attachment - Any ideas?

HI all,

I am hoping that someone else on the list had to face this growing 
security concern and found a way to do this. 
This is the concern that came back from a security audit:

"Attachment are not being scanned at the server level and the application 
can only rely on the fact that the user may or may not use a scanning 
system (anti-virus for example). This does not prevent user to willingly 
add a malicious file.  The files should be scanned to stop SVG files to be 
uploaded at the server level."

I know I can have an API that would run on the server and would look at 
the tickets created and if there is an attachment, to extract it and scan 
it etc.  But any one has a better idea?  Or knows of some utility that is 
already out there that could do this?


Thank you,

Pascale 
Kenavo ar wech all


If you are not the intended addressee, please inform us immediately that you
have received this e-mail in error, and delete it. We thank you for your
cooperation.  
____________________________________________________________________________
___
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"

_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"

Reply via email to