RE: Analyzing Suspicious Attachment

["Petter Bruland" <pbruland () fcglv com>]

We rely almost 100% on using ZIP files when emailing documents/images
etc, so I too would like to hear more about elimination of ZIP file. I
do welcome any other solution, as far as it's not too much work for our
lazy employees. :-)

But I have to give most of my users credit for not opening attachments
from unknown senders, or even unexpected attachments from known senders.
Every now and then I get a call about a suspicious attachment, which
they tell me I can find in their deleted items. At my last company
everyone opened everything, even when they were told not to.

Thanks everyone, for your contributions to all the various discussions
on this list! I really enjoy all the good information!

-Petter 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Josh Haft
Sent: Friday, January 18, 2008 8:30 AM
To: Richard Golodner
Cc: security-basics () securityfocus com
Subject: Re: Analyzing Suspicious Attachment

On Jan 17, 2008 6:42 PM, Richard Golodner <rgolodner () infratection com>
wrote:
> Why do you allow .zip onto your network anyway? Danger Will Robinson. 
> Hope things this group has suggested have helped you sort it out Al.
>
>       most sincerely, Richard

Richard, I agree that zip files can be dangerous, but I'm curious about
other options. Please share your experiences in eliminating this type of
file from your network.