Educause Security Discussion mailing list archives
Re: Password protected ZIP's and Email Viruses
From: Michael_Maloney <Michael_Maloney () MIDDLESEXCC EDU>
Date: Tue, 2 Mar 2004 16:09:19 -0500
Sorry about that.. By doing this, the AV software can open the archive and remove the blocked attachment. I'm not sure if it can still perform the scan on it or not, my thinking would be no because it needs to extract the file in order to scan it, and that requires the password. Mike ******************************************** Mike Maloney Sr. System Engineer Middlesex County College 2600 Woodbridge Avenue Edison, NJ 08818 Phone: 732-906-7754 Cell: 908-217-2086 Fax: 732-906-4266 Email: Michael_Maloney () middlesexcc edu ******************************************** -----Original Message----- From: Gary Flynn [mailto:flynngn () JMU EDU] Sent: Tuesday, March 02, 2004 3:55 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Password protected ZIP's and Email Viruses Michael_Maloney wrote:
I found that by adding the "+" character to file extensions that are blocked (.exe+, .cmd+, .vbs+ etc etc), the A/V software can now recognize that file extension and perform the necessary actions on it.
Do you mean the AV software can then open and scan the password protected ZIP or do you mean the mail server can block it based on the attachment name? -- Gary Flynn Security Engineer - Technical Services James Madison University ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Password protected ZIP's and Email Viruses Michael_Maloney (Mar 02)
- <Possible follow-ups>
- Re: Password protected ZIP's and Email Viruses Gary Flynn (Mar 02)
- Re: Password protected ZIP's and Email Viruses Michael_Maloney (Mar 02)