Re: E-Mail viruses

[starwars <nobody () tatooine homelinux net>]

Curt Purdy wrote:
> Valdis.Kletnieks wrote:
>
> > So let's see.. the same bozos who read the text part of the
> > virus, get the password, and
> > use that to unzip the rest of the virus won't read the text
> > part, get the rename to do,
> > and.....
> >
> > Color me dubious....
>
> Methinks you misunderstand.  Only the proprietary extension, i.e. .inc or
> .xyz or .whatever, would be allowed through, and since virus writers would
> never use this extension, it would eliminate ALL viruses at the gateway.
> The nice thing about this approach is that it completely eliminates the need
> for any anti-virus on the mail server since all virus attachments are
> automatically dropped without the need for scanning.  Quite a simple, yet
> elegant solution, if I do say so myself.

Elegant, indeed. Have an MCSE on that.
I wonder why virus writers didn't think of that yet.

--------------

Dear Microsoft Windows User,

[insert usual "install this patch immediately" here]

For security reasons, the upgrade installer has been renamed to update.eex 
and cannot be executed directly. [insert "this tremendously elegant 
solution keeps you safe from viruses, because..." here].

To install this critical service pack, save the attachement to disk, rename 
it to update.exe and double-click it.

Thanks for your attention, etc. pp.

[attach your favourite update.eex]

--------------


Thank your for this inspiration.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html