Security Basics mailing list archives
RE: sobig.F
From: Watkins Capt Timothy J <WatkinsTJ () 4MCD USMC MIL>
Date: Wed, 27 Aug 2003 13:13:06 -0400
If you have Norton Exchange, you can make registry entries that will strip emails with attachments named *.pif and *.scr We also strip others such as *.exe, *.bat etc... There are many FAQs on how to set Norton up to do this. What type of email server do you have? What type of virus protection do you have on it? The normal user shouldn't be getting files that contain these extensions! Last week when SoBig was really sending out, we stripped over 20,000 emails! Tim Watkins -----Original Message----- From: Shankara Narayanan [mailto:ssn () zeeaccess com] Sent: Wednesday, August 27, 2003 12:41 AM To: Security-Basics Subject: sobig.F Hi list, Hearing scary news about next Sobig version... how to control it , any tips would be appriciated. Thanks in advance. Shankar -- Outgoing mail is certified Virus Free. Checked by AVG Anti-Virus (http://www.grisoft.com). Version: 7.0.167 / Virus Database: 259.11.3 - Release Date: 8/19/03 --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- sobig.F Shankara Narayanan (Aug 27)
- RE: sobig.F David Gillett (Aug 27)
- Re: sobig.F Nikunj Virani (Aug 29)
- <Possible follow-ups>
- RE: sobig.F Brad Bemis (Aug 27)
- RE: sobig.F Watkins Capt Timothy J (Aug 27)