CalmAV is another solution that just as effective for AV detection but in today's post, we will discuss VirusTotal as an manual and alternative solution.
http://socpuppet.blogspot.com/2014/07/macosx-desktop-security.html
The virustotal has the means for a simple AV scanning and it's free service & now own by Google. It only requires you to upload the file or run the hash and compare.
https://www.virustotal.com/
https://en.wikipedia.org/wiki/VirusTotal
They have both daily and size limits, but they are reasonable. I will demo a file upload and the list of AV scanner that scanned my file for virus detection using the EICAR testfile which I crafted locally in a text format.
Scan results depends on the following 1> file-size , 2> how busy the site and 3> how fast you can upload a file.
NOTE: I had to disable my local AV client ( Sopho ) and my Fortigate-Firewall from AV scanning for this demo to work in this blog . These two AV protections are a great combo.
The general population thinks that you need a super duper & high $$$$$ analysis service in order to scan files. That's not exactly true.
Keep in mind , that any thing free is just that, " Free". So don't try to compare virustotal to forticloud or wildfire analysis engine both of which I have over combined 7+ years of experience with. VirusTotal will do a decent job for the most part and if you want to analyze a file of many different file types.
I will demo my FortiCloud Setup & in my next posting . This ( FortiCloud l ) is a solution for a simple , affordable sandbox'ing, and with HTTP services or any other services that you use for downloads or files-sharing. It's easy as 1-2-3 to setup and only requires a Fortigate Firewall.
BTW ( I'm a big pfSense and OPNsense user for the opensource networking and firewall community )
The openSource "pfSense Firewall" also has decent AV pkg FWIW. So again, " !!!! no excuses exists for being infected via malware !!!! "
Realtime scanning is a must and along with realtime reporting.
http://socpuppet.blogspot.com/2013/02/pfsense-hvap-anti-virus-for-http.html
https://opnsense.org/
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment