【问题标题】:Need File to be Virus Scanned before Upload to Azure?在上传到 Azure 之前需要对文件进行病毒扫描吗?
【发布时间】:2020-06-23 01:11:50
【问题描述】:

作为一项要求,我们需要对上传到我们应用程序的任何内容进行病毒扫描。是唯一提供恶意软件和病毒扫描等功能的基于云的服务。我们只需要该服务提供接受文件数据流并在扫描后返回结果的 API。

我们正在使用 Asp.Net WebApi C# 和 Azure。

【问题讨论】:

  • 我觉得你应该看看 ClamAV clamav.net
  • 我们需要安装那个吗??
  • 您可以在 Azure 中托管它。如果配置对您来说很麻烦,docker image 将为您完成这项工作。然后可以在 GitHub 中找到各种 C# 绑定(实际上您可以简单地以 ReST 风格向 ClamAV 发送请求)
  • 好吧,我不知道 docker。你能把需要执行的步骤发给我吗
  • 你也可以很容易地在 Ubuntu 中安装它。我记得 APT 可以将所需的服务配置为例如更新数据库。

标签: azure asp.net-web-api


【解决方案1】:

无耻插件,但您可能想看看 https://scanii.com 是一个纯 SaaS 恶意软件检测服务,它与 Azure 很好地集成。此外,请务必仔细阅读 Virus Total 条款,因为它不能用于商业产品 (https://www.virustotal.com/en/documentation/public-api/)。

【讨论】:

    【解决方案2】:

    这种方法非常有效,不仅可以阻止病毒和恶意软件,还可以阻止其他威胁,例如脚本、可执行文件和无效文件:

    using System;
    using System.Diagnostics;
    using Cloudmersive.APIClient.NETCore.VirusScan.Api;
    using Cloudmersive.APIClient.NETCore.VirusScan.Client;
    using Cloudmersive.APIClient.NETCore.VirusScan.Model;
    
    namespace Example
    {
        public class ScanFileAdvancedExample
        {
            public void main()
            {
                // Configure API key authorization: Apikey
                Configuration.Default.AddApiKey("Apikey", "YOUR_API_KEY");
                
                
    
                var apiInstance = new ScanApi();
                var inputFile = new System.IO.FileStream("C:\\temp\\inputfile", System.IO.FileMode.Open); // System.IO.Stream | Input file to perform the operation on.
                var allowExecutables = false;  // bool? | Set to false to block executable files (program code) from being allowed in the input file.  Default is false (recommended). (optional) 
                var allowInvalidFiles = false;  // bool? | Set to false to block invalid files, such as a PDF file that is not really a valid PDF file, or a Word Document that is not a valid Word Document.  Default is false (recommended). (optional) 
                var allowScripts = false;  // bool? | Set to false to block script files, such as a PHP files, Pythong scripts, and other malicious content or security threats that can be embedded in the file.  Set to true to allow these file types.  Default is false (recommended). (optional) 
                var allowPasswordProtectedFiles = false;  // bool? | Set to false to block password protected and encrypted files, such as encrypted zip and rar files, and other files that seek to circumvent scanning through passwords.  Set to true to allow these file types.  Default is false (recommended). (optional) 
                var restrictFileTypes = "";  // string | Specify a restricted set of file formats to allow as clean as a comma-separated list of file formats, such as .pdf,.docx,.png would allow only PDF, PNG and Word document files.  All files must pass content verification against this list of file formats, if they do not, then the result will be returned as CleanResult=false.  Set restrictFileTypes parameter to null or empty string to disable; default is disabled. (optional) 
    
                try
                {
                    // Advanced Scan a file for viruses
                    VirusScanAdvancedResult result = apiInstance.ScanFileAdvanced(inputFile, allowExecutables, allowInvalidFiles, allowScripts, allowPasswordProtectedFiles, restrictFileTypes);
                    Debug.WriteLine(result);
                }
                catch (Exception e)
                {
                    Debug.Print("Exception when calling ScanApi.ScanFileAdvanced: " + e.Message );
                }
            }
        }
    }
    

    你需要安装这个 Nuget 包:

    Install-Package Cloudmersive.APIClient.NETCore.VirusScan -Version 2.0.3
    

    Nuget 包是开源的。 API 密钥可免费用于每月 1000 次扫描。

    希望这会有所帮助!

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2013-09-13
      • 1970-01-01
      • 2010-10-02
      • 2011-05-30
      • 2015-12-10
      相关资源
      最近更新 更多