Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: [inbox] Re: Re: E-Mail viruses
From: "Chris DeVoney" <cdevoney () u washington edu>
Date: Fri, 5 Mar 2004 17:45:56 -0800

On Friday, March 05, 2004 12:20 PM, Curt Purdy wrote:

Methinks you misunderstand.  Only the proprietary extension, 
i.e. .inc or .xyz or .whatever, would be allowed through, and 
since virus writers would never use this extension, it would 
eliminate ALL viruses at the gateway.
The nice thing about this approach is that it completely 
eliminates the need for any anti-virus on the mail server 
since all virus attachments are automatically dropped without 
the need for scanning.  Quite a simple, yet elegant solution, 
if I do say so myself.

And (I think this paraphrases a collective thought) happens when the virus
writers start sending attachments using that "magic" extension and include a
social-engineered message in the e-mail to rename this thing to a .exe and
execute it.?


cdv

------------------------
Chris DeVoney
Clinical Research Center Informatics
University of Washington
cdevoney () u washington edu
206-598-6816 
------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]