| Author |
Message
|
| TBS |
 Posted: Fri Jun 18, 2010 4:58 am Post subject: Virus check data in WMB |
 |
|
Centurion
Joined: 29 Jan 2007
Posts: 143
Location: Hillerød / Denmark
|
Hi !
I have a Flow that receive a file embedded in a xml msg onto a broker.
File is in base 64
Is there a recomnedation for virus check the imbedded file ?
/Torben |
|
| Back to top |
|
 |
| Gaya3 |
| Posted: Fri Jun 18, 2010 5:22 am Post subject: Re: Virus check data in WMB |
|
|
Jedi
Joined: 12 Sep 2006
Posts: 2493
Location: Boston, US
|
| TBS wrote: |
Hi !
I have a Flow that receive a file embedded in a xml msg onto a broker.
File is in base 64
Is there a recomnedation for virus check the imbedded file ?
/Torben |
its good to do virus check before the message it get in to broker.
why do you want, broker to act like an anti-virus software.
_________________
Regards
Gayathri
-----------------------------------------------
Do Something Before you Die |
|
| Back to top |
|
|
| TBS |
| Posted: Fri Jun 18, 2010 5:28 am Post subject: |
|
|
Centurion
Joined: 29 Jan 2007
Posts: 143
Location: Hillerød / Denmark
|
| It is not possible to check the file in base64 before it hit the broker as it in in base 64 .. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Fri Jun 18, 2010 6:59 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
There are other, better, ways to solve this than by trying to write a virus checker in Broker.
It seems rather unlikely that Broker itself is capable of doing anything that will actually execute any virus code in a message, either. You would have to take steps to apply message contents in an executable manner... |
|
| Back to top |
|
|
| sushilishere |
| Posted: Sun Jun 20, 2010 9:53 pm Post subject: |
|
|
Apprentice
Joined: 27 Jul 2008
Posts: 36
|
Just a suggestion from what we do when we have to do something that requires calling a "outside" API/exe.
USe Java to invoke a virus checker app.. send ur msg to it and once the app returns the file, continue ur msgflow from that location.
Expecting Broker to do a virus check would put norton and other guys out of work and IBM wld take over the world 
_________________
----------------------------
IBM MQ v6.0 Sys Admin
IBM MBv6.0 Sol Desgnr
----------------------------------------------------
By the Mountain Side.. looking at the Great Divide
---------------------------------------------------- |
|
| Back to top |
|
|
| Vitor |
| Posted: Mon Jun 21, 2010 4:56 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| sushilishere wrote: |
| Just a suggestion from what we do when we have to do something that requires calling a "outside" API/exe. |
I repeat the question of my associate - why? It seems very unlikely that anything will execute inside a WMB flow, virus or no. Anything that you're called via a JCN or similar will be something you've explicitly coded to be called and hence (if not actually written by yourselves) will be from a trusted source.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| sushilishere |
| Posted: Mon Jun 21, 2010 9:25 pm Post subject: |
|
|
Apprentice
Joined: 27 Jul 2008
Posts: 36
|
What i meant to say was the API/App being trusted but the data that has to be processed contains a virus!!!
But ill stick to what u said!! this kinda scenario has never appeared to us nor do we forsee anything like this!!..
"My suggestion was on the lines of how MB allows external APIs to be run/used."
_________________
----------------------------
IBM MQ v6.0 Sys Admin
IBM MBv6.0 Sol Desgnr
----------------------------------------------------
By the Mountain Side.. looking at the Great Divide
---------------------------------------------------- |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Jun 22, 2010 4:09 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| sushilishere wrote: |
| What i meant to say was the API/App being trusted but the data that has to be processed contains a virus!!! |
Again, how does a virus that's in data manage to infect anything? I'm interested as I've not heard of this previously. Either as a virus concept or something that's been developed within broker.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| sirsi |
| Posted: Wed Jun 23, 2010 2:27 am Post subject: |
|
|
Disciple
Joined: 11 Mar 2005
Posts: 177
|
| who has got the time in this world to write a virus in a MB message!!! |
|
| Back to top |
|
|
| AndreasMartens |
| Posted: Fri Jun 25, 2010 2:01 am Post subject: Slightly crazy scenario, but: |
|
|
Acolyte
Joined: 30 Jan 2006
Posts: 65
Location: Hursley, UK
|
How about you're using Broker to transfer pdf files uploaded to your public FTP server into a DMZ for further processing... And as we know pdf files can contain virals, so to prevent that virus infecting the poor individual who's job it is to review all the documents uploaded you want to scan the documents when they're in transit...?
Obviously there are far better ways  |
|
| Back to top |
|
|
|
|
