I was tasked to set up an open-source icap-server to scan files that are uploaded in one of our web applications.
The files base64-encoded withing the upload method and this seems to lead to the fortigate not being able to scan it properly.
Now I managed to set up an icap-server using "c-icap" and tested it with "clamav". So far it seems to work, at least EICAR files are detected.
Now the problem is, that my boss is basically a "Windows-only" person who says that any open-source AV can´t be trusted enough.
He wants me to try to have the requests/uploads sent to the c-icap server, but scanned with Windows Defender. ß Is there any - useful - way to accomplish this? Also, since I am super new to ICAP - are there any restrictions regarding which icap-server can be used?Like, is there any way to force requests to be handled with a metadefender-icap only, and not any other icap server?
Sorry if these questions are a bit unspecific and basic, but just started with ICAP yesterday!
Thank you!
Check out this link: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/metadefender-icap-with-windows-defender-antivirus-world-class/ba-p/800234 to see what Microsoft offers regarding Defender+ICAP.
I have used commercial ICAP solutions in the past (like Bluecoat) that allow plugging in multiple commercial virus engines (Kaspersky, Sophos, ...).
These are appliances, and you don't need to tell your boss their internals are probably some sort of Linux ;-)
You can probably also set up a commercial antivirus solution on your Linux system and use that.
Looking at this link: https://learn.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux it may even be possible to run Microsoft's Defender on Linux. I haven't tried it myself though.
Unlike your boss, Microsoft realizes software shouldn't be made to just run on Windows anymore (even MS-SQL Server now runs on Linux).
Related
I am trying to install BDE Engine by executing the following command line from my installation program as follows.
ShellExecute(0, nil, 'regsvr32.exe', 'BdeInst.dll', nil, SW_SHOW);
It pops up with a message requesting permission to install BDE Engine at a particular location. When you click okay button, it pops up another a message as follows.
I did verify that I have plenty of free space in my hardrive. When you click on Yes button, it installs the BDE engine successfully.
I don't know why. Plus, there is not much information online about this.
Any input will be greatly appreciated.
First of all, the BDE is deprecated, and you should better avoid using it, even with other versions of Delphi.
You have third party components around able to connect directly to DBs without using the BDE. See e.g. DevArt, SQLDirect, DASoft (its FreeDAC is free), and a lot of other components like Zeos or our SynDB Open Source libraries.
You reached the well known "2GB rounding error". The BDE installer suffers from it, but applications using BDE also.
BDE installer is buggy.
It just does not work with newer versions of Windows.
You have other installers around, like interbase and BDE on windows 7 or Bde Installer on these Embarcadero days
BDE used in applications will suffer from the same 2GB limitation, linked to the GetDiskFreeSpace improper use.
There is a work around available on Embarcadero CodeCentral which is worth to be included in your application code.
The BDE is an old piece of software that has now been deprecated for a few years. While people do still have it running, I believe it was originally 16bit software and may never have been changed. I have a feeling the message is coming from some piece of software that can not understand your large hard drive. I don't recall if BDEInst.dll is the BDE installer from Borland, but the message may be coming from that. You also mention an "Installation program is being developed ...".
It should install to XP, and I would get it working there first. Win 7 and 8 introduce more issues. However, if at all possible, reconsider if you want to install BDE at this point in time.
The bdeinst.dll uses the Win32 API function GetDiskFreeSpace, which can report a completely misleading value when executed against a drive that is larger than 2GB - see http://support.microsoft.com/kb/202455 for a developer-based workaround.
The reason I know this is because I've been hit by it before and examined the imports for the bdeinst.dll binary which indicates that it uses GetDiskFreeSpaceA (this is the ascii version of function).
If you have to use the BDE, then you just have to accept that you may see this error when you attempt to install the app
I have a linux server has an ad-hoc wireless network for clients to connect to. Once connected I want users to always be redirected to it's own web server no matter what URL they type in. The large solution would be to set up a full DNS server (with BIND or equivalent) but that seems like overkill. All I need is a simple program that will listen for any DNS request and always respond with the same IP address.
I looked around for one but couldn't seem to find one. It would preferably be written in C or Perl as I don't really want to install any other scripting languages.
Use Net::DNS::Nameserver and write your own reply handler.
For C, look at:
How to Build a custom simple DNS server in C/C++
Create custom DNS name server in C
I would suggest using dnsmasq. It's more full-featured than you absolutely need, but it's very well-written, small, and easy to install, and the only configuration you would need to give it is --address='/#/1.2.3.4' to tell it to answer all queries (that don't match some other rule) with the address 1.2.3.4. dnsmasq is well-known and maintained and probably a more robust server than Net::DNS::Nameserver.
I've used fakedns.py when reversing malware. It may be too limited for your situation.
As I answered in the other related question, I wrote a basic DNS server in C++ for a job interview under BSD license.
I think the code was pretty clean, though I didn't made unit tests :-(
I tested it with dig, and it took about a week understanding DNS protocol + implementing + documentation.
If anyone would want to extend it, I guess it would not be very difficult.
Because I think it only supported inverse queries, as that was asked in the exercise.
The code could be found here:
http://code.google.com/p/dns-server/
It was migrated to: https://github.com/tomasorti/dns-server
I am running my development environment Windows XP. I need access to the function SHGetKnownFolderPath. My team proposes that I simply update my shell32.dll with theirs and update my header files.
The function is documented here:
http://msdn.microsoft.com/en-us/library/bb762188%28v=vs.85%29.aspx
Now, understand that the focus of this question is on the viability of overriding/updating the shell32.dll manually via copy-paste. Please do not respond with workarounds/alternatives to the function mentioned above. That is not the point of this question.
Is it safe to simply take the Windows 7 version of shell32.dll and paste over mine (in XP)? I am afraid to test that for fear of murdering my entire operating system. I do not know all of Windows' library inter-dependencies and whether this would even be compatible. It sounds incredibly unstable, but that is what is being proposed I do.
You should not change a Windows DLL manually. A Windows 7 DLL will have dependencies that will not resolve on XP. Even if this worked (very unlikely), next time you install a patch from Windows Update it may either break due to dependencies or replace your Windows 7 DLL back to XP version.
UPDATE: This just won't work. The Windows 7 DLL has dependencies on API sets which did not exist in XP.
Copying manually the dll via copy-paste will not work, because WFP will kick in and restore the original dll. IIRC only digitally-signed updates from Microsoft are allowed to replace system dlls on a running system to avoid messes like this. You should replace the file offline (e.g. from another copy of Windows/BartPE/Linux/...), or disable/workaround WFP in some way. So, it's not practical.
Taking a system dll from another version of Windows and copying it there seems like a terrible idea. The shell changed a lot from Windows XP to Windows 7, I'm sure that there will be a lot of missing dependencies. Even if you managed to copy every file of the Windows 7 shell to Windows XP, these files would depend from newer user32/gdi32/ntdll/... functions added in Vista and 7, so it would not work anyway.
So, I think that the most probable consequence of replacing shell32.dll would be the failure to load almost any non-core component of the OS: failing shell32.dll to load due to missing dependencies, almost any GUI executable that links against it would fail to start. So, it's not safe.
Other than being a problem from a technical standpoint, I strongly suspect that it's also illegal. Having a license for both Windows XP and Windows 7 would not help, I think that this is considered "modification of the software product", that is explicitly disallowed by the Microsoft EULAs. So, it's not legal.
If you want backwards compatibility with XP just use SHGetFolderPath instead of doing all this mess.
Is it safe/practical to manually update shell32.dll in
Windows XP?
No.
shell32.dll is a core operating system file. I would expect that minus the other dependencies underneath the Windows 7 version you would have all sorts of unexpected behaviors. It would be better to test within a VM a complete Windows 7 environment rather than copy over a part of another version of an operating system.
Bigger questions: Do you think anyone at Microsoft every tested this exact combination? If you run into issues and you call support do you believe that you will find that your configuration is a supported one for your efforts? Having worked for MSFT in the past I would think that the answer to both is likely not.
Probably they know what they're saying. Anyway I would suggest you creating a system restore point and, just in case, downloading a minimal linux distribution so that, in extreme cases (i.e. windows can't boot), you simply restore their shell32.dll with yours.
I don't think so...
But if still want to try, then i suggest you install a virtual machine and try it there. this way much safer.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
We are currently investigating different remote-desktop support solutions to help our clients if they have any problems with our software and I would like some input on the best solutions out there.
We have the following needs / wishes:
Cross platform
Preferrably no installation on the user-end
Should penetrate firewalls and not be bothered by antivirus stuff.
Should leave no residu behind after support.
I know of VNC, logmeinrescue.com, dameware remote control, msn remote desktop and many others, but which one is the best?
I would also suggest TeamViewer, there is a free version and a commercial one that you can rebrand with your logo to redistribute to your clients. It does require (non administrative) install but works also behind firewalls.
Copilot
We use UltraVnc SC (Single Click), see here:
http://www.uvnc.com/addons/singleclick.html
Your client needs only download a small file from your helpdesk and run it. Then your helpdesk can control the client's desktop. The small file will uninstall itself after closing the session. The requirement is your UltraVNC should be run in listen mode.
Definitely TeamViewer!
Especially because it's very easy for the 'other side'.
No complicated skills required. Just install and run it. Easy to explain over the phone while immediatly asking for their 'code'.
Try CoPilot.
TeamViewer has been a great help to me so far but it's only available on Windows and Mac. No Linux support unfortunately.
I personally feel that UltraVNC is the best support tool for Windows boxes, especially since the end user can see what you're doing as you're doing it. Very good for training purposes as well.
RDP is neat, but I find it very frusting to use, unless on high-bandwidth or bandwidth stable machines. Port forwarding can also be a pain if the routing hardware is not great at the end users endpoint. You also need to worry about user permissions and enabling RDP as well, which if you need to do in 3rd person, can be tricky.
UltraVNC (like the other VNC clients) has a cool "Listening Host" which allows you to still VNC into a VNC server if the server's endpoint is not a direct connection to the net. This can be very useful. I've worked in the financial services sector, and we use VNC in this capacity and have never had any issue both installing it enmasse and have never had a security breach.
SSH is also an option, and with OpenSSH you can use it on windows (using cygwin) but this isn't always suitable.
In the end, I think VNC is possibly your best bet.
I've had very good experiences with CrossLoop. It's free and allows you to setup a connection within 2 minutes.
I use logmein.com quite a bit which works very well but it does have a full client installation. However it is available at any point and once installed does not require user to allow remote connection (which may or may not be ok with your customers).
Given your requirements, I think CoPilot is probably your only option, although you will require client interaction - they need to download and run an executable, but its very straightforward.
I have had good experience with the remote control of NTRSupport. Quite easy to use with no installation required.
I also used and/or use the following software that does not cover all your requirements:
Timbuktu Pro - Bad performance, few features, can't recommend it nowadays.
UltraVNC - Works, but I remember some problems with clipboard and file transfer support.
PCAnywhere - Works, but the performance was never satisfying, Awkward clipboard handling.
RDP - Great for Windows machines but can be problematic when it is not clear whether you have to use the console session or not. Sometimes, you disconnect a server session just by accident.
For windows only: Crossloop
If it's possible, I'm interested in being able to embed a PostgreSQL database, similar to sqllite. I've read that it's not possible. I'm no database expert though, so I want to hear from you.
Essentially I want PostgreSQL without all the configuration and installation. If it's possible, tell me how.
Run postgresql in a background process.
Start a separate thread in your application that would start a postgresql server in local mode either by binding it to localhost with some random free port or by using sockets (does windows support sockets?). That should be fairly easy, something like:
system("C:\Program Files\MyApplication\pgsql\postgres.exe -D C:\Documents and Settings\User\Local Settings\MyApplication\database -h 127.0.0.1 -p 12345");
and then just connect to 127.0.0.1:12345.
When your application quits, you can always send a SIGTERM to your thread and then wait a few seconds for postgresql to quit (ie join the thread).
PS: You can also use pg_ctl to control your "embedded" database, even without threads, just do a "pg_ctl start" (with appropriate options) when starting the application and "pg_ctl stop" when quitting it.
You cannot embed it, nor should you try.
For embedding you should use sqlite as you mentioned or firebird rdbms.
Unless you do a major rewrite of code, it is not possible to run Postgres "embedded". Either run it as a separate process or use something else. SQLite is an excellent choice. But there are others. MySQL has an embedded version. See it at http://mysql.com/oem/. Also several java choices, and Mac has Core Data you can write too. Hell, you can even use FoxPro. What OS you on and what services you need from the database?
You can't embed it as a in process type thing like sqlite etc, but you can easily embed it into your application setup using Inno setup at http://www.innosetup.org. Search their mailing list archive and you will find someone did most of the work for you and all you have to to is grab the zipped distro and you can easily have postgresql installed when the user installs your app. You can then use the pg_hba.conf file to restrict the server to local host only. Not a true embedded DB, but it would work.
PostgreSQL is intended to run as a stand-alone server; it's probably possible to embed it if you hack at it hard and long enough, but it would be much easier to just run it as intended in a separate process.
HSQLDB (http://hsqldb.org/) is another db which is easily embedded. Requires Java, but is an excellent and often-used choice for Java applications.
Anyone tried on Mac OS X:
http://pagesperso-orange.fr/bruno.gaufier/xhtml/prod_postgresql.xhtml
http://www.macosxguru.net/article.php?story=20041119135924825
(Of course sqlite would be my embedded db of choice as well)
Well, I know this is a very very very old post, but if anyone has nowadays this question, I would refer to:
You can use containers running Postgres. Here's a post that could be helpful, doing something along this line using R:
https://rsangole.netlify.app/post/2021/08/07/docker-based-rstudio-postgres/?utm_source=pocket_mylist
Take a look at duckdb https://duckdb.org/docs/installation/ It is relatively new and still needs to mature. But it works pretty much like an embedded database ("In-process, serverless"), with bindings for several languages (Python, R, Java, ...)