[KLUG Members] The latest M$ virus.

Bruce Smith members@kalamazoolinux.org
Thu, 04 Mar 2004 09:34:36 -0500

Previous message: [KLUG Members] The latest M$ virus.
Next message: [KLUG Members] The latest M$ virus.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > Anyone know of a way to block password protected ZIP files on the MTA?
> > (and still allow regular zip files through - after virus scanning their
> > contents)
> 
> No.  But it seems like something could be coded using libzip.

Sure, it can definitely be programmed, but I don't have the time or
desire.  And I'm sure someone will beat me to it anyway.  Let me know 
if you run across a milter or something that does it.

> > Yes, the latest virus has found away around virus scanning by embedding
> > itself in a password protected zip file.  Since the virus scanner can't
> > unzip the file to scan it, it passes the file though.  The message text
> > contains the password to the zip file (which is randomly generated), and
> > looks like a tech support message telling the user to unzip and run the
> > enclosed .exe file.
> 
> Nothing can defeat human stupidity!

True, but we keep trying to program it anyway.  :-)

 - BS

Previous message: [KLUG Members] The latest M$ virus.
Next message: [KLUG Members] The latest M$ virus.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]