Can any antivirus program do this? (SOHO/business)

Discussion in 'other anti-virus software' started by acr1965, Oct 11, 2012.

Thread Status:
Not open for further replies.
  1. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Can any antivirus program do this? (SOHO/business) scan stamp?

    Some small businesses have to save documents to a cd and then send a copy of that cd to another small business. The saved documents are normally in pdf form. Also the sending business is required to "verify" in writing that a cd has been scanned by an antivirus before sending. The verification process is really nothing more than a person's signature and does not include what antivirus program was used, what version was used or if it was up to date with the most recent signatures.

    What I would like to find is an antivirus program that can add a stamp or message with the cd that, for instance, the cd was scanned by ABC Antivirus on the following date and time. At the time of the scan ABC Antivirus was using its most recent version (example version 2.0.1) and its most recent signature update (update number/time/date) which was sent out on "date"/"time". Also, that the scan showed no malicious or potentially unwanted programs.

    This way the receiving party can see the message that the cd was scanned and by which company. This addition would help in the exchange of cd's. I'm asking does any antivirus company do this already and, if so, which one(s)?
     
    Last edited: Oct 11, 2012
  2. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    I'm not aware of any av software which does this.
     
  3. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    Nor me. Most documents are sent by email these days. I see less use for CDs in the manner described, but for backup, certainly.
     
  4. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    I also think this is a somewhat pointless idea. If the receiving business has up to date antivirus software installed on their computers, then it really won't matter if the CD hasn't already been scanned for viruses - becuase if a threat is found the antivirus will intercept it.
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,088
    Ideally, the AV scan would occur after the CD burning was complete and the disc was finalized. Where there would be no opportunity to add another file. If you can burn the CD *label* a short while after burning the CD, then you could:

    1) Burn CD
    2) Scan CD
    3) Burn a label that contains "Scanned with..." information.

    Assuming the CD burning software, AV software, and label burning software (if separate) contain good cmdline interfaces, you could script this. Another approach would be:

    1) Burn documents to CD without finalizing
    2) Scan the CD using AV
    3) Append the AV scan report file or something less detailed to the CD and finalize it.

    The report file on the CD wouldn't be scanned (you could scan it before burning it just to say you did), but as long as it were a txt file that might be OK. You could probably script this as well.

    If you are willing to scan files before burning, you could use a working directory and similar approach.

    If you intend to share the AV scan report file, make sure it won't contain sensitive information (about your system, directory structures, whatever).
     
  6. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    Sorry, but I still see this as being pointless. A nice idea certainly, but of little use.

    Even if the contents of a cd have been scanned and found to be virus free, you have to consider that it has been scanned by only one antivirus, and no antivirus finds 100% of threats. So even though the cd has been flagged as being clean, there could be infections on it which would be identified by a different av, or by a future definition update of the current av.
     
  7. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    The industry I work in requires cd's to be exchanged among parties and for those cd's to have been scanned by an antivirus prior to giving them to another party. A digital stamp that a cd was scanned by some particular av would help in these exchanges of cd's, kinda like a digital stamp or signature helps in the exchange of electronic documents. Anyway, scanning a cd with an av before sending the cd to another party is a requirement which is not going to change anytime soon. I agree it is not the most effective security method in the world but there's nothing that can be done about that right now.
     
  8. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Hi acr1965
    It's clear that the industry you work in has a need, regardless of whether or not the method of delivery is preferred by all.
    This suggestion probably isn't feasible, but perhaps a third party verification would work. Such a step would add time and expense to the process, but if you believe that something other than the current system is necessary, then a third party verifier might be the answer. It might simply entail a service whereby a certified individual visits your business with a laptop and scans the CDs and puts his seal on them. Heck, you could start such a business yourself if need be. :cool:
     
  9. Niels

    Niels Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    466
    Location:
    Belgium
    You can try to use Watermark Software and embed the scan results in your documents and make a PDF afterwards.

    Only in scanned mails, Security software can add that the message that an attachment was scanned.
     
  10. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Can't the cd's have a digital signature attached by the av somehow? Is that possible?
     
  11. Niels

    Niels Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    466
    Location:
    Belgium
    Unfortunately security software can't add a digital signature that the documents are scanned. You can only obtain this by using work-arounds: creating Watermarks with the scan result of the checked files on your cd-rom.

    What you also can do is creating hashes for your files. So you can proof that the files aren't changed. All what you have to do is giving the original checksum of the hash file to the business where you give the cd-rom to. So they can check if there is match. But this is only to verify that the file integrity isn't changed.

    If you combine using a watermark with the scan result and hash and add a txt file with the original checksum on the cd-rom, then the receiving party has the proof that nothing is changed when you created the files and put them on a cd-rom and that the files are clean.
     
  12. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Why can't you simply attach a scan log?
     
Loading...
Thread Status:
Not open for further replies.