Monday 21 April 2014

Virus Scanning in Java Application using ClamAV Antivirus Engine

If you need to scan files and documents for viruses, this post may help you out. It walks you through scanning files to detect trojans, viruses, malware and other malicious threats using ClamAV.

ClamAV is an open source antivirus engine. This engine can be used to detect Trojans, viruses, malware and other malicious threats. 

Follow the instructions below to install the ClamAV antivirus engine and integrate it with your Java application to detect viruses in your files.


Installing ClamAV on Linux Box:

Follow the instructions below to install and run the ClamAV services on a Linux box:

Note: A C compiler must be installed on the Linux box before installing ClamAV.

1.     Download the ClamAV source to your desired location on the Linux box

2.     Extract the tarball using the commands below:
gzip -d clamav-0.97.tar.gz
tar -xvf clamav-0.97.tar

3.     Change to the ‘clamav-0.97’ directory

4.     Run the commands below to create the user and group
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav

5.     Run the command below to configure the ClamAV packages after replacing the token install-root
./configure --prefix=install-root --disable-zlib-vcheck

install-root is your own desired location to install ClamAV.

6.     Execute the command below to compile the ClamAV source (written in C)
make

7.     Execute the command below to install ClamAV
make install


8.     Update the configuration files:

/etc/clamd.conf

·         Find the line containing the word ‘Example’ and comment it out
·         Uncomment the lines below:
LogTime yes
LogSyslog yes
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /tmp
LocalSocket /var/run/clamav/clamd.socket
FixStaleSocket yes
User clamav

·         Configure and uncomment the lines below. Make sure to replace the token Linux_Box_IP with the proper IP.

TCPAddr Linux_Box_IP
TCPSocket 3310

/etc/freshclam.conf

·         Find the line containing the word ‘Example’ and comment it out
·         Uncomment the lines below:
LogTime yes
LogSyslog yes
PidFile /var/run/clamav/clamd.pid
DatabaseMirror database.clamav.net
NotifyClamd /etc/clamd.conf

9.     Start the base services to make sure they work
  • Change to the /sbin directory and run the command
          ./clamd &
  • Change to the /bin directory and run the command
          ./freshclam -d &

10.  Perform manual testing to scan the file:

./clamdscan file_to_scan

Sample Output:

/home/infra/installs/clamav-0.97-installation/bin/../Party.docx: OK

----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.051 sec (0 m 0 s)


If you have reached this stage, you have installed ClamAV properly. Congratulations! The next step is to scan for viruses in a Java application.

How to Scan Virus in JAVA Application

1.     Make sure to download the required third-party jars
2.     Use the class below to plug the ClamAV engine into your application.

package com.xxx.doc.utils;

import java.io.FileInputStream;
import java.io.InputStream;

import net.taldius.clamav.ClamAVScanner;
import net.taldius.clamav.ClamAVScannerFactory;

/**
 * Utility class to scan files using ClamAV antivirus APIs.
 */
public class ClamAVVirusHandler {

       // Host where 'clamd' process is running
       private String clamdHost;
      
       // Port on which 'clamd' process is listening
       private String clamdPort;
      
       // Connection time out to connect 'clamd' process
       private String connTimeOut;
      
       private ClamAVScanner scanner;
      
       public void setClamdHost(String clamdHost){
              this.clamdHost = clamdHost;
       }
      
       public String getClamdHost(){
              return this.clamdHost;
       }
      
       public void setClamdPort(String clamdPort){
              this.clamdPort = clamdPort;
       }
      
       public String getClamdPort(){
              return this.clamdPort;
       }
      
       public void setConnTimeOut(String connTimeOut){
              this.connTimeOut = connTimeOut;
       }
      
       public String getConnTimeOut(){
              return this.connTimeOut;
       }
      
       /**
        * Method to initialize clamAV scanner
        */
       public void initScanner(){
             
              ClamAVScannerFactory.setClamdHost(clamdHost);

              ClamAVScannerFactory.setClamdPort(Integer.parseInt(clamdPort));

              int connectionTimeOut = Integer.parseInt(connTimeOut);
             
              if (connectionTimeOut > 0) {
                   
                 ClamAVScannerFactory.setConnectionTimeout(connectionTimeOut);
              }
              this.scanner = ClamAVScannerFactory.getScanner();
       }

       public ClamAVScanner getClamAVScanner() {
              return scanner;
       }

       /**
        * Method scans files to check whether file is virus infected
        *
        * @param destFilePath file path
        * @return true if no virus was found
        * @throws Exception
        */
       public boolean fileScanner(String destFilePath) throws Exception  {

              // Close the file stream once the scan has finished
              try (InputStream in = new FileInputStream(destFilePath)) {
                     return fileScanner(in);
              }
       }

       /**
        * Method scans files to check whether file is virus infected
        *
        * @param fileInputStream stream of the file content to scan
        * @return true if no virus was found
        * @throws Exception
        */
       public boolean fileScanner(InputStream fileInputStream) throws Exception        {

              boolean resScan = false;

              if (fileInputStream != null) {

                     resScan = scanner.performScan(fileInputStream);

              } else {

                     throw new Exception("No input stream to scan");
              }
              return resScan;
       }

}

3.     Configure the bean below in the applicationContext.xml file:

        <bean id="clamavutil" class="com.xxx.doc.utils.ClamAVVirusHandler" init-method="initScanner">
                <property name="clamdHost" value=""/>
                <property name="clamdPort" value=""/>
                <property name="connTimeOut" value="90"/>
        </bean>


Note: To configure these property values, refer to the /etc/clamd.conf file. See the configuration below, which was made in step 8 while installing ClamAV on the Linux box:

TCPAddr Linux_Box_IP
TCPSocket 3310

Property Description:

clamdHost: Host where the 'clamd' service is running
clamdPort: Port on which the 'clamd' service is listening
connTimeOut: Connection timeout while connecting to the 'clamd' service

4.     Use ClamAVVirusHandler to scan the file:

   // Scan file to detect virus; 'doc' is the path (or InputStream) of the file to scan
   BeanFactory beanfactory = new ClassPathXmlApplicationContext("applicationContext.xml");

   ClamAVVirusHandler clamAVUtil = (ClamAVVirusHandler) beanfactory.getBean("clamavutil");

   // fileScanner() returns true when no virus is found
   boolean noVirus = clamAVUtil.fileScanner(doc);

   if (!noVirus) {
            System.out.println("Warning !! Virus detected");
   }



Now try to test a virus-infected file using the above API. If you get "Warning !! Virus detected", you have successfully integrated ClamAV into your Java application. Congratulations!

I hope this post helped you use the ClamAV antivirus engine. I look forward to your valuable comments and feedback.

Tuesday 8 April 2014

MongoDB Introduction with Java

What is MongoDB?
MongoDB is a non-relational database management system, unlike traditional relational database management systems such as Oracle, MySQL and IBM DB2. MongoDB falls under the NoSQL category. It is an open source document store database where you can store documents in JSON format.

This post can help you set up MongoDB in your Windows environment and takes you through the steps to connect to MongoDB from a Java program. The points below are covered in this post:
  • How to install MongoDB?
  • How to Use MongoDB?
  • How to Access MongoDB in Java?

How to install MongoDB?
Installing and setting up MongoDB is pretty simple. You just need to download the zip/tar file, extract it and set up the database directory location, that’s it. Isn’t it pretty simple? Of course it is.

A.     Download MongoDB Distribution
Download MongoDB from here. If you are using Windows 64 bit, you can download this.

B.     Extract Zip File
Extract the downloaded zip file to your desired location (say <MongoDB_DIR>). Once you extract the zip file, you will see the files below under the ‘<MongoDB_DIR>/bin’ directory.



C.     Setup Default Directory
Now create the directory where MongoDB will store the database documents. Create the directories below under the ‘<MongoDB_DIR>/bin’ folder.

<MongoDB_DIR>/bin/data/db

That’s it, you are done with installing and setting up MongoDB. Now, I believe you must be excited to see how to use MongoDB. Let’s move to the next section, ‘How to Use MongoDB’.

How to Use MongoDB?
MongoDB can be accessed using the 'Mongo Shell' client. Mongo Shell connects to the server where MongoDB is installed, and you can then perform CRUD operations on MongoDB using it.

A.     Start MongoDB
Start MongoDB using the command below.

<MongoDB_DIR>/bin>mongod --dbpath ./data/db

Notice that ‘/data/db’ is the same directory that we created in the last section. If you want details of the different command options, you can execute the command below.

<MongoDB_DIR>/bin>mongod --help

B.     Open Mongo Shell
Start Mongo Shell using the command below. Once Mongo Shell is started, you are ready to perform operations on MongoDB.

<MongoDB_DIR>/bin>mongo.exe


By default, Mongo Shell connects to the database running on ‘localhost:27017’. You can also connect to a database by providing the host and port.

<MongoDB_DIR>/bin>mongo.exe <host>:<port>

Notice that the default database is ‘test’. That means whatever operations you perform on MongoDB will be performed on the ‘test’ database. If you want to use your own database, you can execute the command below:

use <your_db>

This command will create your database (if it does not exist), and you can then perform operations on your database.

C.     Perform MongoDB Operations

Now MongoDB and Mongo Shell are both running. Refer to the screenshot below to execute different commands on MongoDB using Mongo Shell.

If you are interested in more details on MongoDB operations, you can refer to this.

How to Access MongoDB in Java?
Using the MongoDB Java Driver, you can perform MongoDB operations in Java. If you are using Maven, you can configure the dependency below in your project to access the mongo-java-driver’s API. These APIs work as a client to connect to MongoDB and perform database operations.

<dependency>
      <groupId>org.mongodb</groupId>
      <artifactId>mongo-java-driver</artifactId>
      <version>2.10.1</version>
</dependency>

If you want to download the mongo-java-driver binary distribution directly, you can download it from here.

Java MongoDB Communication Flow
This diagram depicts the communication flow between Java and MongoDB.   



Creating Java Class to Perform MongoDB CRUD Operations

This class demonstrates how to perform MongoDB CRUD operations. You can directly import this class into your project and execute it. Make sure to start MongoDB before executing this class.

package com.tengen.crud;

import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.List;
import com.mongodb.BasicDBObject;
import com.mongodb.DB;
import com.mongodb.DBCollection;
import com.mongodb.DBCursor;
import com.mongodb.MongoClient;
/**
 * Class performs MongoDB CRUD Operations
 */
public class MongoDBOperations {
       
        public static void main(String[] args) throws UnknownHostException {

               MongoClient mongoClient = new MongoClient();
              
               //Connect to Mongo DB 'test'
               DB database = mongoClient.getDB("test");
              
               //Get 'Employee' collection, If it does not exist, this will be created
               DBCollection dbCollection = database.getCollection("employee");
              
               List<String> names =
                  Arrays.asList("Narendra", "Vinay", "Ajit", "Ranveer", "Shashank", "Vivek");

               System.out.println("Inserting documents...");
              
               // [Create Document] Insert employee documents
               for (String name : names) {
                       dbCollection.insert(new BasicDBObject("name", name));
               }

               print(dbCollection);
              
               // [Update Document] Replace the document where name = 'Narendra'.
               // Without '$set' the whole document is replaced, so it keeps only
               // 'age' and 'email' (and '_id'); 'name' is dropped.
               dbCollection.update(new BasicDBObject("name", "Narendra"),
                              new BasicDBObject("age", 30).append("email",
                                           "narendra.verma@gmail.com"));

               // [Update Document] Perform upsert (update or insert)
               // Add 'gender' property in the document where name = 'Vivek'
               dbCollection.update(new BasicDBObject("name", "Vivek"),
                              new BasicDBObject("$set", new BasicDBObject("gender", "M")),
                                                  true, false);
              
               System.out.println("After Updating document ...");
              
               print(dbCollection);
              
               // [Remove/Delete Document] Remove document where name = 'Shashank'
               dbCollection.remove(new BasicDBObject("name", "Shashank"));
               System.out.println("After removing document...");
               print(dbCollection);
              
               // If you want to drop/remove the collection, uncomment below statement
               // dbCollection.drop();              
              
        }
       
        private static void print(DBCollection dbCollection){
              
               // [Read Document] Read and print all documents            
               DBCursor cursor = dbCollection.find();
               try {
                       while (cursor.hasNext()) {
                              System.out.println(cursor.next());
                       }
               } finally {
                       cursor.close();
               }
        }
}


If this program successfully connects to MongoDB, you should see the console output below:

Inserting documents...
{ "_id" : { "$oid" : "5343707eddff0714f85b8923"} , "name" : "Narendra"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8924"} , "name" : "Vinay"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8925"} , "name" : "Ajit"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8926"} , "name" : "Ranveer"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8927"} , "name" : "Shashank"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8928"} , "name" : "Vivek"}
After Update ...
{ "_id" : { "$oid" : "5343707eddff0714f85b8924"} , "name" : "Vinay"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8925"} , "name" : "Ajit"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8926"} , "name" : "Ranveer"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8927"} , "name" : "Shashank"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8923"} , "age" : 30 , "email" : "narendra.verma@gmail.com"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8928"} , "gender" : "M" , "name" : "Vivek"}
After removing document...
{ "_id" : { "$oid" : "5343707eddff0714f85b8924"} , "name" : "Vinay"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8925"} , "name" : "Ajit"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8926"} , "name" : "Ranveer"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8923"} , "age" : 30 , "email" : "narendra.verma@gmail.com"}
{ "_id" : { "$oid" : "5343707eddff0714f85b8928"} , "gender" : "M" , "name" : "Vivek"}

If you have reached this stage and played with MongoDB, you can feel proud that you have added one more skill to your skill repository. If this post really helped you, your comments are most welcome. Also, I look forward to your valuable suggestions to improve my blog posts.

!! Happy MongoDB Learning !!