Security Basics mailing list archives
RE: Email Issues
From: LordInfidel () directionweb com
Date: Sun, 29 Feb 2004 09:39:22 -0500
if your vscan at the mail gateway is set to only scan above certain file sizes, it will allow the file thru, regardless if the extension is blocked. To test it: let's say your blocking all exe's if you create a txt file then rename it block.exe and send it thru, it will probably slip thru. take that same text file add 10 characters, send it back thru as a exe. Again it will probably go thru. But now populate it with several pages of garbage and send it back thru, and it will probably get blocked -----Original Message----- From: MARTIN M. Binoni [mailto:benoni_martin () hotmail com] Sent: Friday, February 27, 2004 10:14 AM To: dodiorne () newmarcorp com; security-basics () securityfocus com Subject: RE: Email Issues We are experiencing that as well in our company...but, I just delete them, don't have time to check this out, and..it is well known that attached files can be dangerous! :)
From: "Derek Odiorne" <dodiorne () newmarcorp com> To: <security-basics () securityfocus com> Subject: RE: Email Issues Date: Thu, 26 Feb 2004 14:09:56 -0500 I am experiencing the same thing. Upon opening the zip file there is no files in it. -----Original Message----- From: sean.osullivan () ise ie [mailto:sean.osullivan () ise ie] Sent: Thursday, February 26, 2004 4:51 AM To: security-basics () securityfocus com Subject: Email Issues Hi All Something weird has been happening the last three days. We have been getting mails that look like the NetSky virus (smae text and attachments), to a certain mailboxs, but the weird thing is that the .zip attachment is 78 Bytes, the actual virus .zip file is 22,016 bytes. Another things is our Mailsweeper is set to block all .zip files but this one is getting through. I did a test and sent a mail with a normal .zip attachment to this mail box and it got blocked. Has anyone seen this or have any ideas on what its all about? Thanks in advance. Sean ********************************************************************** This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ********************************************************************** ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- ----------------------------------------------------------------------- This communication (including any attachments) is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged information. If you are not the intended recipient, any retransmission, dissemination, distribution, disclosing, copying, or using any of this information is strictly prohibited. If you received this communication in error, please contact the sender immediately and delete or destroy the material in its entirety. --------------------------------------------------------------------------- ---------------------------------------------------------------------------
-
_________________________________________________________________ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 ----------------------------------------------------------------------------
Current thread:
- RE: Email Issues LordInfidel (Mar 01)