[clamav-users] ClamAV - check for executables

[Krishnakumar Nair]

Hi Heino,

I am having ClamAV running in an ubuntu machine.

Making use of libclamav.jar, I am scanning files getting uploaded in to my
application based on Java/JEE running in windows.

*the basic stuff with EICAR text is working fine*

Here I need to make sure no exe file/zipped exe is attached as a document.

*We are concerned about scenarios where a malware may get attached as
renamed one, for eg, an exe file just renamed to .txt or something else, or
zipping in different levels.*

*We are analyzing the scope for ClamAV in handling this. Kindly share your
comments.*

Regards,
kk

On Wed, Nov 4, 2015 at 8:06 PM, Heino Backhaus <
heino.backhaus at fink-computer.de> wrote:

> Hi kk,
>
> just in case you didn't know about it and these documents are attached to
> Mails: Have you considered to use MailScanner for sanitizing your
> inbound/outbound mails?
>
> Mit freundlichen Gruessen
>
> H. Backhaus
>
> Fink-Computer Systeme
> Heggrabenstr. 9, 35435 Wettenberg
> Email: heino.backhaus at fink-computer.de
> Web: www.fink-computer.de
> Fax: +49-641-98444638
> Fon: +49-641-98444640
> UST-ID: DE151040770
> HRB: 2143 Gießen
> GF: Fredi Fink
>
> "In retrospect it becomes clear that hindsight is definitely overrated!"
>
>   -Alfred E. Neumann
>
>
> Am 04.11.2015 um 12:21 schrieb Krishnakumar Nair:
>
>> Hi Guys,
>>
>>       How to configure ClamAV to have a check for exe/exes' in ZIP/ any
>> executable to be blocked as an attachment. ?
>>
>>         I am using ClamAV as utility for antivirus scan for attached
>> documents in a Java Web Application [using libclamav-1.0.jar]
>>
>> Regards,
>> kk
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
>> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>