如何根据流行的病毒扫描程序测试我的应用程序? [英] How can I test my applications against the popular virus scanners?
问题描述
我需要知道我的应用程序是否被最受欢迎的反病毒软件包(不是最好的,但最大的用户基础)标记为病毒。因此,我想知道别人如何去做。一些背景:
I need to find out whether my apps are being flagged as viruses by the most popular anti-virus packages (not best, but biggest by user base). I therefore would like to know how others go about this. Some background:
我有一个用Delphi编写的应用程序。自从发现Delphi病毒以来,我的应用程序出现了错误的问题,特别是我的演示版本由于某些原因(他们都共享相同的代码)。 AVG一直很好,现在我可以轻松地将文件列入白名单,但是我得到了最新的DevExpress安装程序,这也是错误的。鉴于这种情况越来越普遍,我觉得我需要知道我的应用程序是否被最流行的反病毒软件包标记。因此,我想知道别人怎么做。我不希望人们下载我们的演示版本,获得AV警告,并决定不尝试。
I have an application written in Delphi. Ever since the Delphi virus was found, I've had problems with false positives on my applications, particularly my demonstration versions for some reason (they all share the same code). AVG has been good, and I can now whitelist my files easily, but then I got the latest DevExpress installer and it was false-positived too. Given this is getting more widespread, it struck me that I need to find out if my apps are being flagged by the most popular anti-virus packages. I therefore would like to know how others go about this. I don't want people to be downloading our demonstration versions, getting an AV warning, and deciding not to try it.
目前我唯一的选择是购买加载AV包并将其放入虚拟机,或使用像 VirusTotal 这样的服务。后者似乎是一个理想的选择,但由于他们将测试限制在20Mb以下的文件,我的文件比这更大。没有付费的选项来扩大能力。 (我认为这是一个奇怪的限制,但Kaperskis免费检查限制为1Mb!)
The only options I have so far are buying a load of AV packages and putting them in a VM, or using a service like VirusTotal. The latter seemed an ideal option but for the fact that they limit the test to files under 20Mb, and my files are bigger than this. There is no paid for option either to expand the capability. (I thought this an odd limit, but Kaperskis free checker is limited to 1Mb!)
如何检查您的应用程序?
How do you check your applications?
推荐答案
我的想法如下:
我设置了一个电脑(没什么特别的),有很多磁盘空间。我会称之为ScanPC。每次我做一个构建,脚本将把新的文件复制到一个构建的目录中。这将确保我有一个可以检查的所有构建的存档。任何一个可能已被释放给客户。
My thoughts on this are as follows: I set up a computer (nothing special) with a lot of disk space. I'll call this the ScanPC. Every time I do a build, the script will copy the new files to the ScanPC into a build specific directory. This will ensure that I have an archive of all builds that can be examined. Any one may have been released to customers.
现在,我安装了VMWare服务器,并设置了一些虚拟PC。在每个中,我设置了防病毒软件来扫描网络共享,但是在只读模式下,无需扫描程序即可意外修改或删除假阳性。每个VM然后可以从供应商自动更新,希望他们有一个电子邮件选项告诉我什么时候发现病毒,然后我会知道是一个错误的肯定,并可以向供应商报告。
Now, I then install VMWare server, and set up a number of virtual PCs. In each, I set up the anti-virus software to scan the network share, but in a read-only mode so that no scanner can accidentally modify or remove the false positive. Each VM can then be automatically updated from the vendor, and hopefully they will have an email option to tell me when they spot a virus, which I will then know is a false positive and can report to the vendor.
这样做的好处是,我有一个完整的构建存档(我需要的东西),这意味着与触发AV的客户的旧版本被识别以及最近的。这意味着我可以酌情添加或删除AV产品。这意味着我只需要一台电脑(性能并不重要)。
The benefit of this is that I have a complete build archive (something I need anyway), and it means that old versions out with customers that trigger the AV are identified as well as the most recent. It means I can add or remove AV products as appropriate. It means that I only need a single computer (performance is not important).
这篇关于如何根据流行的病毒扫描程序测试我的应用程序?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
