Virus Scan of Customer Uploaded Attachments in iStore

Similar Messages

• Virus Scanning in iSupplier and iSoucing Module

  There are a number of pages in iSupplier and iSoucing Module where supplier a upload documents. For Security purposes system should check Virus Scanning.
  (As iRec Module have this functionality).
  Is any one idea about this. How to enable Virus Scanning during document Upload for iSupplier and iSoucing Module .
  Thanks, Avaneesh

  You can use virus scanning but you need to exclude extensions and folders of lync as exist in blow link
  http://technet.microsoft.com/en-us/library/dn440138.aspx
  Please remember, if you see a post that helped you please click (Vote As Helpful) and if it answered your question, please click (Mark As Answer).

• Virus Scan of email attachments

  Can anybody help me in coding of Virus Scan of email attachments through java code, like we do with normal email engines like yahoo.
  Thanks in advance!!!

  First of all download NORTON COMMAND LINE SCANNER
  create a programe in java using RUNTIME CLASS which executes .exe applicaion with required parameters.
  1 . WHILE UPLOADING FILES TO SERVER WHEN SENDING MAIL WITH ATTACHMENT
  upload file to server .
  scan the file by passing the path to command line scanner.
  Read the output which shows virus found , no virus found.
  2 WHILE DOWNLOADING ATTACHMENT FROM EMAIL.
  parse the message and find which part is attachment.
  write that attachment as file to a temp directory .
  pass this temp path to command line scanner.
  Read the output which shows virus found , no virus found.
  for any further help mail me on this address
  [email protected]
  bye

• Virus Scan on File Attachments

  Hi,
  I have added the file upload/download capability to a OAF page using AttachmentTable component. Everything works fine, I am able to upload/download files. But, I have to scan the documents for any viruses before uploading them. Could you please give some pointers on how can I do it?
  Thank you.

  Virus scanning is happening for iRecruitement Module if Semanatic antivirus server is installed(This required to buy sementic licence.)
  iRec code use this oracle.apps.per.irc.common.VirusCheck file for scanning document (Uploaded by OAF pages).
  After enabling this setup and using VirusCheck class you can enable Virus Scanning for your custom code.
  We have also tried other options like finding any JAVA or PLSQL API and or any free tool but did n't get success in this way.

• "The upload has failed. There was a problem running a virus scan for the file."  any ideas???

  "The upload has failed.
  There was a problem running a virus scan for the file. "
  This is the message i get when tryng to update
  any ideas?

  Error: "svr.VirusScanExecutionError"
  An intermittent problem with acrobat.com's underlying virus scan component causes this issue. This issue happens occasionally on a small number of server instances.
  The solution is to update the article again. Trying again typically routes you to a different host in the server array.

• Virus scan a file before upload.

  Hi friends,
  I wanted to virus scan a file before being uploaded to the server. I have basically no idea how this could be done in java.Could anyone help me out in this.

  Well, you'd have to virus scan after upload, since you couldn't to it on the client. And then you'd have to either find virus scan software with a Java API or use JNI to access a C++ API, or if it supports a command-line mode, use Runtime.exec() to execute that and parse that command's output.

• Virus scan during file check-in or upload

  Is there any option available for doing virus scan on file being check-in in UCM? Is there any UCM service/ webservice available to do virus scan?
  If we've implement custom logic for same, what's the best practice or approach to be followed from UCM standpoint.

  Hi,
  That can be done, for sure, but you will need an antivirus service(third party) that scans the actual file. Once you have that, you can communicate with it via some protocol and make the scanning requests. The service itself will be installed on some machine with all there is to it(according to the specs of the manufacturer) and then you can write a Java client/server (let's say) that adheres to the protocol the service imposes to make the communication possible. The service will do the scanning and your client/server will initiate the request, read the response, communicate with the WCC so on and so forth...
  Considering that during the check-in the path of the file being checked-in is available and according to the service's API one can develop a flow that will scan the files before being actually checked-in. We have used SAVAPI - Secure AntiVirus Application Programming Interface (SAVAPI) from Avira that provides an interface to detect malware and repair infected files.
  Regards,
  Vlad

• Virus scan during Cfolder file upload

  Hi Guys,
  We have SRM with Cfolder. Supplier upload huge documents to cfolder, could you please let me know is there any antivirus software to scan the files. Please advise.

  Hi,
  As far as i know, there is no such feature available in cFolders. May be a virus scan at the server level could be possible. You need to check with SAP experts @ SAP security space.
  Regards,
  Ravi

• How to virus scan uploads

  I think everybody will be aware that large web sites
  always virus scan the files you upload to there server.
  Would anybody know how to virus scan a file that you would upload on to your server.
  Using JSP or the Java Bean.
  This one is trickly.
  Many thanks to all.
  Any help is good help

  Upload it to a temporary folder. Run an external virus scanner against the file (find out how to run an external program). If it passes, move it to the "real" location. otherwise, prompt the user for instructions.

• Virus Scan a document before uploading to Portal

  Hi,
  While uploading a document to PORTAL using "add_item" that document has to be scanned thro an antivirus software, if anybody knows the possibilty of doing this in Oracle Portal please let me know the details.
  Thanks
  Regards

  Well, you'd have to virus scan after upload, since you couldn't to it on the client. And then you'd have to either find virus scan software with a Java API or use JNI to access a C++ API, or if it supports a command-line mode, use Runtime.exec() to execute that and parse that command's output.

• Virus scan profile activation in ODATA

  Hi Experts,
  I am facing an issue while uploading Image(*Base64 format)
  into SAP through Netweaver Odata Gateway services. The issue is that the
  content of the Image is supposed to come in a field that has datatype Xstring
  but when we include a field with data type Xstring the framework starts giving
  an error no virus scan profile is active . We did try various combinations of
  Standard Virus Profile maintained , but no resolution came out of it. Now we
  have created a new profile in customer namespace but now it gives an error
  Incorrect Configuration for Profile <Profile Name>. We need help in
  trying to figure out what is correct configuration that is to be maintained to
  fix this issue.
  There is an alternative that we deactivate the Virus Scan
  profile through transaction /IWFND/VIRUS_SCAN and then we are able to post the
  images , but this doesn’t look like an ideal solution as it would involve
  transporting Virus scan profile to Production and quality and then deactivating
  them over there manually.
  I am getting error on "Recursive occurrence of virus scan profile  in the sequence"
  Please suggest.
  Regards,
  Dharmesh Sharma

  Hi Joerg,
  I found some soluation also. They shared a one document. i did the changes but still same problem.
  Scan Profile setup
  Transaction SM34 -> VSCAN_PROFILE_VC
  Transaction /IWFND/VIRUS_SCAN
  Set the Zprofile to the default
  The Table /IWFND/C_CONFIG should have the entry
  Please suggest . i have internal system and we dont have virus server. I am confused.
  Regards,
  Dharmesh

• Virus Scan profile activated - implications?

  Hello.
  we have a custom program that makes IDOCS into PDF's and then emails them.
  if the Virus Scan profile /SCMS/KPRO_CREATE is not activated it fails saying that it isnt activated.
  There is Note 1382313 that states not to activate it, only if you need it activate it.
  So we do need it and activated it now but what else is now scanned as well?
  And how come its needed when we create documents? So far I have only found it to be needed for incoming objects?
  Thanks for thinking!
  Andi

  Though the profile is active, you need a virus scanner.
  you need External Virus Scanner to be setup in the VSCAN--> Servers.
  Few Virus Scanners are McAfee, Avira, and http://www.bowbridge.de/index.php?id=31&L=1
  BowBridge.
  Once the setup is done, use VSCANPROFILE---> Activate it and use VSCANTEST to test sample antivirus.
  After the activation only the docuemnts which are using the profile are scanned, the idea is when you upload a documet to SAP then it is scanned.
  Thanks
  SM

• Malware Policy - Scan Email and Email Attachments

  Hi there,
  When creating a custom malware policy there is a setting under "Scan Settings" called "Scan Email and Email Attachments" and I have a number of questions regarding it.
  Which email clients does this policy support?
  Which email protocols does it support - POP3, IMAP, MAPI?
  How and when does it scan the incoming email and attachments?
  One of the reasons I ask is that we recently had a user hit with the Crypt Locker virus which went on to encrypt 40,000 files on network folders. The infection was encounter via a pishing email in Outlook 2013 and I would have thought MS EP would have caught
  the payload when the link was clicked on or attachment was downloaded.
  Cheers
  Craig
  Hibs Ya Bass!

  Yikes. I would contact CSS directly on this because no one in these forums will truly be able to address your concerns.
  Based solely on this blog post -- http://blogs.technet.com/b/clientsecurity/archive/2010/03/20/scanning-email-archives.aspx -- I would conclude that it doesn't scan any traffic and thus the protocol doesn't matter; it is an archive scanner and thus only
  scans e-mails once they are written or committed to disk.
  The assumption that client based anti-malware products make is that the e-mail server is itself already protected at the gateway level.
  Even so though, if this was phishing attack, there's nothing malicious about the e-mail itself so the setting doesn't really apply as it was the content downloaded from the malicious site that the user unwittingly accessed that caused the damage. Outlook
  is generally good at at recognizing spoofed URLs used in phishing attacks though.
  So, going back to my original statement, you should contact Microsoft CSS to see where the gap was.
  Jason | http://blog.configmgrftw.com

• Question on the upload attachments process in a request form

  hi,
  I have a question on the upload attachments process in a request form. I have 2 pages, one is a request form and the other is an attahment page
  The request form let users fill the mandatory fields (e.g. name, email, address...) And in the form, there is a link (URL without submit) to the attachment page.
  In the attachment page, users can upload the supporting file for their rquest. The file will be uploaded to APEX_APPLICATION_FILES view and then it will be copied it to a customized table (table A) and remove from the view.
  When the users finish uploading files (i.e. the files are stored in table A), users need to press a "Done" button back to the request form to submit the form.
  My question is:
  As the request form is not yet submitted while the attached files are stored in table A, there is no request_id (request from table primary key generated in an Insert trigger after submission) is generated to tag with the files in table A. Is there any standard practice to do this?
  What I am doing now is to generate a hidden value in sequence when user goes to the attachment page. The hidden value is stored in table A togehter with the files when uploading. When user goes back to the request form, the hidden value is passed back as session cache. When the request form is submitted, I make an update statement by using the hidden vaule in the Insert trigger to tag the request_id to the attached files in table A.
  Is my way appropriate?
  Thanks for advice.
  cheers,
  Pong

  Pong,
  Yes, this would work just fine. You may want to consider enabling session state protection so that your process is not succeptable to URL tampering, which would cause a user to change the value of the REQUEST_ID in the URL and potentially associate other attahments with their request.
  Thanks,
  Scott

• Proxy upgrade from SP1 to SP5 doesn't work anymore for virus scanning.

  Upgraded from SP1 to SP5 and the virus scanning updates no longer work. No changes have been made it is a complete carbon copy using the migrate button. No ip addresses have been altered nor has the ports been changed. I've tried SP2, 3 & 4 and they too fail with a 504 error log. I turned SP1 back on and it works first time.
  If you can solve this I'll be so impressed because its driving me crazy. I've checked all config files and everything is as it should be.

  Hi
  This thread was interesting as I have many customer sites using virus scanning without any problems together with this proxy.. Some sites are really huge as well.
  Can the author of this thread explain how the scanning that now refuse to work is done with the proxyserver... Through an API or as forwarded requests to another scanning proxy (trend micro etc.) or what ? Maybe this is done in some way I am not aware of. Then I am really interested in your problem.
  We mostly use it "user->proxy->vscanner->site" where the proxy and the scanner often run at the same host. This in huge installations together with load balancers infront and behind.
  /Per-Olov