Full Disclosure mailing list archives
Re: Backdoor not recognized by Kaspersky
From: Bart.Lansing () kohls com
Date: Wed, 3 Mar 2004 09:46:23 -0600
No, what I would expect is that it has the smarts (and it does, we are doing it here with Trend) to look inside the Zip and stop any zip containing any .scr/.exe/.com/.you-name-executable files. Check your Trend (or whatever mail checker you are using) configs and set them appropriately. Double check to see that you have not granted your own domain exemptions from your rules to eliminate the spoofed mail walking through and waving at your gateway on the way by. The zip's contents can be seen without the password, just not unpacked...no cracking it required. You should be blocking executables by policy anyway, yes? Bart Lansing Manager, Desktop Services Kohl's IT
Well, what would you expect, that the virusgateway would brute-forcecrack
the
zip password ? No. It has only two options: A) Delete all password protected zipfiles regardless or B) Let any and all password protected zipfiles through.
Option A) is not really [usually] acceptable in the real world. (YMMV) Maarten -- Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO
CARRIER
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
CONFIDENTIALITY NOTICE: This is a transmission from Kohl's Department Stores, Inc. and may contain information which is confidential and proprietary. If you are not the addressee, any disclosure, copying or distribution or use of the contents of this message is expressly prohibited. If you have received this transmission in error, please destroy it and notify us immediately at 262-703-7000. CAUTION: Internet and e-mail communications are Kohl's property and Kohl's reserves the right to retrieve and read any message created, sent and received. Kohl's reserves the right to monitor messages by authorized Kohl's Associates at any time without any further consent. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Backdoor not recognized by Kaspersky, (continued)
- RE: Backdoor not recognized by Kaspersky Larry Seltzer (Mar 03)
- RE: Backdoor not recognized by Kaspersky ajrarn (Mar 03)
- RE: Backdoor not recognized by Kaspersky Oliver Schneider (Mar 03)
- RE: Backdoor not recognized by Kaspersky Paul Niranjan (Mar 03)
- Re: Backdoor not recognized by Kaspersky Mary Landesman (Mar 03)
- RE: Backdoor not recognized by Kaspersky Jyri.Tamminen (Mar 03)
- RE: Backdoor not recognized by Kaspersky David Kammering (Mar 03)
- Re: Backdoor not recognized by Kaspersky maarten (Mar 03)
- Re: Backdoor not recognized by Kaspersky Martin Mačok (Mar 03)
- Re: Backdoor not recognized by Kaspersky Nick FitzGerald (Mar 03)
- Re: Backdoor not recognized by Kaspersky Bart . Lansing (Mar 03)
- RE: Backdoor not recognized by Kaspersky Aditya, ALD [Aditya Lalit Deshmukh] (Mar 03)
- Re: Backdoor not recognized by Kaspersky KUIJPERS Jimmy (Mar 04)
- Re: Backdoor not recognized by Kaspersky maarten (Mar 03)
- Re: Backdoor not recognized by Kaspersky Gregor Lawatscheck (Mar 03)
- Re: Backdoor not recognized by Kaspersky Cael Abal (Mar 03)
- Re: Backdoor not recognized by Kaspersky Bart . Lansing (Mar 03)
- Re: Backdoor not recognized by Kaspersky Cael Abal (Mar 03)
- Re: Backdoor not recognized by Kaspersky Gregor Lawatscheck (Mar 03)
- Re: Backdoor not recognized by Kaspersky Valdis . Kletnieks (Mar 04)