Full Disclosure mailing list archives
RE: Hey, ya! =))
From: "joe" <mvp () joeware net>
Date: Tue, 9 Mar 2004 13:46:11 -0500
Actually that is a pretty common practice for folks in large companies that have mail systems that open zip files and will quarantine the whole email if the zip has files with extensions that the mail "gods" have deemed unfriendly such as .vbs, .pl, etc. Virus or not. Think MailWatch. It is a simple quick way of telling the automated systems to stay out of the zip... It isn't to secure the zip from people. Of course renaming the zips is another possibility too but I don't see it as a stretch that companies start reading the first couple bytes and ascertain a file is a zip irregardless of the extension and treat it as such. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of madsaxon Sent: Tuesday, March 09, 2004 11:58 AM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Hey, ya! =)) I can't really think of any legitimate reason to pwd-zip an attachment and then include the pwd in plain text in the body. I think it's safe to assume that any such message is malware and discard it as far up the chain as possible. m5x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Hey, ya! =)) chris (Mar 09)
- Re: Hey, ya! =)) harry (Mar 09)
- Re: Hey, ya! =)) jeremy (Mar 09)
- Re: Hey, ya! =)) madsaxon (Mar 09)
- RE: Hey, ya! =)) joe (Mar 09)
- Re: Hey, ya! =)) yossarian (Mar 09)
- Re: Hey, ya! =)) yossarian (Mar 09)
- Re: Hey, ya! =)) jeremy (Mar 09)
- Re: Hey, ya! =)) harry (Mar 09)