virus spreaded by Moodle

virus spreaded by Moodle

by Martin Koops -
Number of replies: 14

A security issue was raised by a parent of my of my students: Am I increasing the danger of virusses being spread as my students receive emails generated by Moodle.

Is it possible for virusses to be spread though Moodle? What argument should I use in copmforting the suspicious parent?

I do use the workshop mudule, can student add virusses in the uploads? Can or should I scan the uploads for virusses?

Or should I add extra virus protection to my server (which has only port 80 open to internet)?

Kind regards,

Martijn

Average of ratings: -
In reply to Martin Koops

Re: virus spreaded by Moodle

by Gustav W Delius -
If someone wants to send you an email with a virus they can do that directly, no need to go via Moodle. So do tell your students never to open an attachment with an executable in it. Luckily Moodle does not send out any emails with attachements, so no extra danger from Moodle.
Average of ratings: -
In reply to Martin Koops

Re: virus spreaded by Moodle

by Zbigniew Fiedorowicz -

The only plausible way that Moodle can spread viruses via email is for a student to knowingly attach an infected executable to a forum post. Moodle would not actually email the virus, but the Moodle email would contain a link to the infected file on the Moodle server, and students would have to click on the link to get infected. [It is possible that a student could knowingly attach the executable to a forum post without knowing that the file was infected.]

There is no current virus which could automatically attach itself to forum posts without the knowledge of student posting to a forum. One could theoretically write such a virus, but it is not likely that anyone would take the trouble to do this, unless Moodle became VERY POPULAR.

Average of ratings: -
In reply to Zbigniew Fiedorowicz

Re: virus spreaded by Moodle

by W Page -
Hello All!

I think that one of the features of "BlackBoard" is virus scanning of uploaded files.

I had a professor who would not take/accept disks directly but would download a file that was uploaded to "BlackBoard".

Does anyone know how this could be installed? There are some - Open Sourced - Antivius Programs. Is it possibele to use any of them? Can they auto-update themselves from the server?

WP1
Average of ratings: -
In reply to W Page

Re: virus spreaded by Moodle

by Timothy Takemoto -

I use a free antivirus software called avg (free for non commercial use only). Perhaps they might be persuaded to help out?

Alternatively there is the temporary option of leaving liberal links to Housecall

However, since there are no viruses that attack moodle at present, as pointed out above, we are pretty safe at present.

Tim
Timothy Takemoto

Average of ratings: -
In reply to Timothy Takemoto

Re: virus spreaded by Moodle

by Art Lader -
And students can always unsubscribe from forums, block Moodle e-mails, scan mail they receive from Moodle, edit their profiles (changing their e-mail addresses to bogus addresses), use Hotmail to receive Moodle mail (which scans e-mail for viruses), etc., right?

How do they deal with e-mail they recive from other sources?

-- Art Lader
Average of ratings: -
In reply to Art Lader

Re: virus spreaded by Moodle

by Zbigniew Fiedorowicz -

Moodle does not send any email with attachments, so none of the above measures are relevant.  If a student attached a virus to a forum post, the resulting email from Moodle would only contain a link to the virus. The appropriate countermeasure on the client side would be to have a virus scanner looking at files downloaded from web sites.

On the Moodle server side, I think it would be useful to have a way to restrict the type of files that users could attach to forum posts. For instance disallow attachments with certain extensions (e.g. .exe) or more restrictively only allow a small list of extensions.  There is a recent post in another forum proposing this type of functionality.

Average of ratings: -
In reply to Zbigniew Fiedorowicz

Re: virus spreaded by Moodle

by W Page -

Hello All!

I think the idea about disallowing certain attachments is a good "poor man's" way of dealing with concerns.  However, I could see a problem with some computer classes which may have a need for students to submit "*.exe" files.

I think most of the free antivirus programs are for personal and not compercial/industrial use.  I wonder if it would or could be acceptable per teacher versus per institution.

WP1

Average of ratings: -
In reply to W Page

Re: virus spreaded by Moodle

by Zbigniew Fiedorowicz -

I think the filtering by file extension type could be refined to be at a per forum basis.  But I agree with Martin that it would be best to do this within a Document Management System.  As for antivirus scanners, I think the free ones are for client computers, not for servers.

Average of ratings: -
In reply to Zbigniew Fiedorowicz

Re: virus spreaded by Moodle

by Martin Dougiamas -
Picture of Core developers Picture of Documentation writers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Plugin developers Picture of Testers
Absolutely.  I was thinking per-course, but per-activity wouldn't be too hard either once some sort of common central functionality was in place.
Average of ratings: -
In reply to Zbigniew Fiedorowicz

Re: virus spreaded by Moodle

by Ger Tielemans -

So no .exe files? then the sender zips the files and the receiver unzips, OOPS (users, you know, no virus-experts)

In AVG you leave it to the users on their personal computers: They check files and emails and even can sent emails with trailers like "this email is checked by AVG"

...but what if they forget to switch it on?

In TeLeTOP we used the engine of Lotus Domino: You could install serverside virus checking that checked the uploaded files before storing them. I can't remember what it did with zip: In Moodle I love the built-in unzip: so during the unzip-process an extra check should be built in?  

http://software.othello.ch/mod_clamav/

http://www.de.internet.com/index.html?id=2015032 (very old news?)

Average of ratings: -
In reply to Ger Tielemans

Re: virus spreaded by Moodle

by Genner Cerna -
Perhaps, moodle uploaded file before storing them... maybe a antivirus to be installed in the server side...
Average of ratings: -
In reply to Art Lader

Moodle can not spread viruses

by Martin Dougiamas -
Picture of Core developers Picture of Documentation writers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Plugin developers Picture of Testers
Let's be very clear on this (the original subject line here is misleading and probably scaring folks who don't know any better):

Moodle can not be part of an email virus.  It can not receive mail, it can not run a virus program, and it can not send out copies of viruses. 

It would require a malicious person to deliberately upload a bad executable to a forum, say, for people to deliberately download it, and for people to deliberately run it.  Of course, this is not restricted to viruses, it could be any "nasty" content you don't want.

Some filtering of files would be a good thing to have for various reasons - I'm sure we can build it into the DMS, but the sky is not falling.  smile
Average of ratings: Useful (1)
In reply to Martin Dougiamas

Re: Moodle can not spread viruses

by D G -
There are some free (or free for non commercial use) anti virus scanners which could be installed in some instances, however given the variety of places that moodle can be installed I think it would be best left up to the user/admin. I'm not sure it's even feasable in the majority of hosting situations.

Having said that, I imagine that the addition of an "Excute this command on all uploaded files" option may be usefull to allow anyone who has a commandline virus scanner installed (or that they can install on their moodle host) to scan files, if desired.

DG

Average of ratings: -
In reply to D G

Re: Moodle can not spread viruses

by Marcus Green -
Picture of Core developers Picture of Particularly helpful Moodlers Picture of Plugin developers Picture of Testers
One powerful and free anti virus measure you can take is to not run a Microsoft  email client. I suggest one of the Mozilla variants. One of the ways many (most?) viruses propogate is by performing lookups in the Microsoft email client address book and sending themselves to those addresses. I am not aware of any virus that directly attacks or takes advantage of the Mozilla email client.

Interestingly many young people will give you a blank look when you mention an email client as for them the web IS their email client.


Average of ratings: -