Teleport - SCP upload antivirus

Hello Team,

I was trying to play a bit with the upload function that is present in the Web Browser and in particular the fact that there is potential for a malicious user to upload possibly dangerous files to a node.

In the past few days I tried a solution that would involve the HTTP CONNECT function and a Squid/Havp proxy to scan the file while being uploaded but didn’t really have much success.

Admittedly I’m not really expert in a topic like this so I’m seeking for a little bit of help. I guess the easiest solution is to set up something that immediately scans for a file after the upload is completed but I’m wondering if there exists an easy enough solution to deploy that can scan the file before being saved to the node.

Thank you for your assistance

SCP via web ui is not the only way to upload files, e.g. one can start an interactive session and pipe data through it, by capturing on the other side, so there would be no way to catch this with web UI.

I would recommend to confine all users with permissions to upload anything to a very specific linux principal who is allowed to put files only in a certain folder, and then scan all the files there.