eSafe Demo

Global Websites »

placement for flash

eSafe Products

eSafe Solutions

eSafe Library

How to Buy
- Find Reseller
- Worldwide Offices

Attack Intelligence Research Center

eSafe Support

Aladdin Knowledge Systems Ltd. is now owned by SafeNet Inc.
Now you can benefit from Stronger Expertise and broader
solution offerings.

Continue to SafeNet's Content Security Solutions overview >>

eSafe Test Page - Malicious Code Examples

EICAR Standard Test File | Malicious ActiveX | JavaScript with forbidden functions
VB Script with forbidden functions | HTTP Malicious Macro Script
FTP Malicious Macro Script | FTP Spoofed File

Test	EICAR Standard Test File
Capabilities	This test virus was developed by the European Institute for Computer Anti-Virus Research (EICAR) to provide an easy (and safe!) way to test whether your anti-virus software is working, and see how it reacts when a virus is detected. It is supported by most leading vendors. This is file contains a standard virus test signature, but the file itself is not a virus and not malicious. This file is created as a worldwide standard to test anti-virus products.
Configuration	This file should always be caught and blocked by eSafe.

Test	Malicious ActiveX
Capabilities	An applet is a program that can be embedded and executed in HTML files. ActiveX is Microsoft's method of writing applets and it is Windows-specific.
Configuration	In order to block ActiveX applets you will have to enter eConsole and perform the following actions: 1. Go to Content Filters => HTML => Active Content 2. Check the option Strip links to ActiveX.

Test	Java Script (Containing Forbidden Functions)
Capabilities	A script is a code that was added to HTML code and it is written in a different language. A Java script is written in the Java programming language.
Configuration	In order to block all Java scripts you will have to enter eConsole and perform the following actions: 1. Go to Content Filters => HTML => SmartScript Filters => JavaScript 2. Check the option Strip with forbidden functions.
Notes	Forbidden script functions are typically only found within malicious scripts. Blocking malicious functions will usually not cause any noticeable changes while browsing the Internet.

Test	VB Script (Containing Forbidden Functions)
Capabilities	A script is a code that was added to HTML code and it is written in a different language. A VB script is written in the Visual Basic programming language.
Configuration	In order to block all VB scripts you will have to enter eConsole and perform the following actions: 1. Go to Content Filters => SmartScript Filters => VBScript 2. Check the option Strip with forbidden functions.
Notes	Forbidden script functions are typically only found within malicious scripts. Blocking malicious functions will usually not cause any noticeable changes while browsing the Internet.

Test	HTTP Malicious Macro Script
Capabilities	A macro is a code which is written in the internal language of an application. A macro virus usually functions within Microsoft Office documents.
Configuration	This macro test script should be automatically blocked using the default configurations.
Notes	The test opens a Microsoft Word document containing a harmless macro.

Test	FTP Malicious Macro Script
Capabilities	A macro is a code which is written in the internal language of an application. A macro virus usually functions within Microsoft Office documents.
Configuration	This macro test script should be automatically blocked using the default configurations.
Notes	The test opens a Microsoft Word document containing a harmless macro.

Test	FTP Spoofed File Name
Capabilities	A "spoofed" or forged EXE file is an executable file which had its extension renamed to seem as a different type of file. Thus it attempts to "sneak" into a system which automatically blocks EXE files.
Configuration	In order to block spoofed files you will have to enter eConsole and perform the following actions: 1. Go to Content Filters => File Type Spoofing 2. Check the option Activate file-spoof protection. 3. Select Block for the Action when a file is spoofed.
Notes	The test will send an EXE file with its extension changed to GIF to this computer.