辅助角色的过程可以调用反恶意软件对Azure的云服务编程？ [英] Can a Worker Role process call Antimalware for Azure Cloud Services programmatically?

问题描述

我试图找到我可以使用在已经上传到Azure的Blob存储文件进行病毒扫描解决方案。我想知道它是否可以将文件下载到本地存储复制上一个工作者角色实例，调用反恶意软件对Azure的云服务在该特定文件进行扫描，然后根据文件是否清洁，处理相应的文件。

I'm trying to find a solution that I can use to perform virus scanning on files that have been uploaded to Azure blob storage. I wanted to know if it is possible to copy the file to local storage on a Worker Role instance, call Antimalware for Azure Cloud Services to perform the scan on that specific file, and then depending on whether the file is clean, process the file accordingly.

如果辅助角色不能以编程方式调用扫描，有没有检查文件是否已被扫描以明确的方式，以及它是否干净与否一旦被复制到本地存储（我不知道，如果服务并实时扫描时，增加了新的文件，或者只运行一个时间表）？

If the Worker Role cannot call the scan programmatically, is there a definitive way to check if a file has been scanned and whether it is clean or not once it has been copied to local storage (I don't know if the service does a real-time scan when new files are added, or only runs on a schedule)?

推荐答案

有没有，我们已经找到了一个直接的API，但反恶意软件服务符合于他们实现所使用的Windows桌面病毒检查标准在 IAttachmentExecute COM API。

There isn't a direct API that we've found, but the anti-malware services conform to the standards used by Windows desktop virus checkers in that they implement the IAttachmentExecute COM API.

所以，我们最终实现了上传的文件写入到隔离本地资源的文件上传服务，然后调用 IAttachmentExecute API。如果文件被感染，然后根据所使用的反恶意软件服务，它要么抛出一个异常，默默地删除文件或将其标记为不可访问。因此，通过试图读取该文件的第一个字节，我们可以在文件仍然可以访问测试。

So we ended up implementing a file upload service that writes the uploaded file to a Quarantine local resource, then calling the IAttachmentExecute API. If the file is infected then, depending on the anti-malware service in use, it will either throw an exception, silently delete the file or mark it as inaccessible. So by attempting to read the first byte of the file, we can test if the file remains accessible.

var type = Type.GetTypeFromCLSID(new Guid("4125DD96-E03A-4103-8F70-E0597D803B9C"));
var svc = (IAttachmentExecute)Activator.CreateInstance(type);
try {
    svc.SetClientGuid(ref clientGuid);
    svc.SetLocalPath(path);
    svc.Save();
}
finally
{
    svc.ClearClientState();
}

using (var fileStream = File.OpenRead(path))
{
    fileStream.ReadByte();
}

[Guid("73DB1241-1E85-4581-8E4F-A81E1D0F8C57")]
[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
public interface IAttachmentExecute
{
    void SetClientGuid(ref Guid guid);

    void SetLocalPath(string pszLocalPath);

    void Save();

    void ClearClientState();
}

这篇关于辅助角色的过程可以调用反恶意软件对Azure的云服务编程？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！