andydis
Mar 9 2004, 10:51 AM
sitting at work this morning i got a email like this:
From: r.stillings@exmail.de
Sent: 08 March 2004 12:24
To: Andrew **********
Subject: Hey, ya! =))
attachments: attacheddocuments.zip
I don't bite, weah!
password: 18510
Course i thought , hmmmmmm, and low and behold it was a beagle variant, now becuase my company has many a virus/security infrastructure i decided to find out why the attachment wasnt blocked.
the answer:-
apparently ANY ANTIVIRUS companies by law are now allowed to scan encrpyted/passworded zip files.
just wondering if anybody uses a AV that enables blocking of passworded zips?
or did anybody get a email like this?
its gonna be hell if every dumb end user gets this email and it spreads via zipped passworded files :-)
tribalgoa
Mar 9 2004, 04:26 PM
some companies have started using the following technique :
if attachment = .zip file --> try all words in body of email as password.
I dont think there's any law against AV product doing this
andydis
Mar 9 2004, 05:34 PM
mail sweeper or mimesweeper (if anybody heard of that)
has an option to block all passworded zips :-)
suppose thatll do
canardwc
Mar 10 2004, 06:05 PM
But blocking all zipped files can t be applied in some firms....
The best solution still a up to date antivirus, or inform this dumb end user as you said andydis :-)
pollo
Mar 21 2004, 12:16 AM
What is it?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
