Educause Security Discussion mailing list archives
Re: Bagle.j out
From: "Gordon D. Wishon" <gwishon () ND EDU>
Date: Wed, 3 Mar 2004 16:34:02 -0500
Jack, At 06:46 AM 3/3/2004 -0500, Jack Suess wrote:
What I will probably look at following the suggestion in the Educuause/Internet2 Effective Security Practices Guide http://www.educause.edu/security/guide/VirusandIntrusionDetection.asp and require my mail administrators to rename .exe and .zip attachments to something that can't be auto-opened. This allows people to still transport these but they have to go through a extra step of saving these as a different name and opening the application to read these. Usually those steps provide the "thinking pause" necessary to realize what is legit or not.
I wish this was the case. Unfortunately, we're seeing clear evidence that despite already renaming attachments and inserting a warning, a non-trivial number of people on our campus are (1) renaming, (2) unzipping, (3) executing, and (4) entering the 'password'. Step (5) is typically to call the helpdesk to report a virus. As a result, we're going to (at least temporarily) suspend delivery of attachments with the .zip extension. Gordon ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: Bagle.j out, (continued)
- Re: Bagle.j out Jason Richardson (Mar 02)
- Re: Bagle.j out James Morris (Mar 02)
- Re: Bagle.j out Gary Flynn (Mar 02)
- Re: Bagle.j out Tim Lane (Mar 02)
- Re: Bagle.j out Bradley D. Thornton (Mar 03)
- Re: Bagle.j out Jack Suess (Mar 03)
- Re: Bagle.j out Michael_Maloney (Mar 03)
- Re: Bagle.j out Iljun Kim (Mar 03)
- Re: Bagle.j out Joe St Sauver (Mar 03)
- Re: Bagle.j out Cal Frye (Mar 03)
- Re: Bagle.j out Gordon D. Wishon (Mar 03)
- Re: Bagle.j out Marty Hoag (Mar 03)
- Re: Bagle.j out Matthew Dalton (Mar 03)
- Re: Bagle.j out Scott Weeks (Mar 03)
- Re: Bagle.j out Kevin Shalla (Mar 03)