Server side virus scanning
I need to scan uploaded files for viruses on a Linux server, but I'm not sure how to go about it.
What are my options, if any? I'm also interested in how the scanners perform when multiple users send multiple files at the same time.
Answer
Here are my results for ClamAV when tested against known viruses (the problem is, none of these should have passed):
+-----------+------------------------------+
| Results | File |
+-----------+------------------------------+
| infected | AdvancedXPFixerInstaller.exe |
| pass | auto.exe |
| pass | cartao.exe |
| infected | cartoes_natal.exe |
| pass | codec.exe |
| pass | e421.exe |
| pass | fixtool.exe |
| infected | flash_install.exe |
| infected | issj.exe |
| infected | iwmdo.exe |
| infected | jobxxc.exe |
| infected | kbmt.exe |
| pass | killer_cdj.exe |
| pass | killer_javqhc.exe |
| infected | killer_rodog.exe |
| infected | kl.exe |
| infected | MacromediaFlash.exe |
| infected | MacromediaFlashPlayer.exe |
| infected | paraense.exe |
| infected | pibzero.exe |
| pass | scan.exe |
| pass | uaqxtg.exe |
| pass | vejkcfu.exe |
| infected | VIDeoSS.exe |
| infected | wujowpq.exe |
| pass | X-IrCBOT.exe |
+-----------+------------------------------+