Testing a Flexy for malware

Ewon Support Ewon Flexy
#1

Is there a tool or something I can use to confirm a Flexy has been tested for Malware?

I know it’s kind of a vague question but I got it from a customer.

#2

Hi Lars,

Only eWON installed software is allowed to run on the Flexy, so Malware cannot. However, the user can run scripts and store files in it’s memory. You could use FTP to download a copy of all accessible memory and scan that with a 3rd party anti-virus or other tools if you wanted to, but the files would not be allowed to execute anyway. The only thing that would be worth looking for would be a malicious script which would need to be installed by an attacker with access to the device, so as long as the device credentials are protected, this should never occur.

Please note, any electronic computing device can be hacked given enough time, skill, and other resources. There is no such thing as a “hack-proof” computer. This is why we continuously update our devices with the latest security patches.

Kyle

1 Like
#4

What would I need to download via ftp to scan with 3rd party software?
All files visible while browsing with an ftp client?

#5

Yes. What I was trying to say is that unless your customer gave a bad actor access to his device, he won’t find anything malicious, but if he really fears that someone installed a malicious script on his Flexy, he can download the accessible files here:

ftp://[flexy ip address]

and use his preferred anti-malware tools to inspect the files.

Also, I would let him know that the Flexy is a lot different than a Windows PC that you typically install an anti-virus on. It is more like a router or a firewall (it actually is a router), which people don’t scan for malware because they can’t run malware. What he is asking to do is essentially the same as trying to scan his wireless router for malware.

Kyle

#6

Could I scan the full backup file? or would that not contain everything?

#7

In this case, if you thought someone put a bad script on your device, you would want to directly download them with FTP as you don’t know exactly where they were put or if they would be included in a backup.