Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: [inbox] Re: Re: E-Mail viruses
From: "Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh () online gateway technolabs net>
Date: Sun, 7 Mar 2004 16:44:53 +0530


I think the kind of approach Kurt has suggested can only realistically 
work in corporate and institutional environments (and with the 
occasional well-disciplned individual), where it would also be 
realtively easy to further restrict the odds of sustaining damage via 
this entry route by only allowing designated users to receive such 
content.  Further restrictions, such as "it must have the '.ABC' 
extension and internally be a RAR archive" could easily be added for 

this would not greatly add to security but it would be addeded layer. all the archives have a magic header that will 
allow them to be scanned and identified, this is how it works on unix. maybe some thing of that sort is required....

even then how would it solve the prob of encrypted attachments. most archirve formats have an options where the file 
names are visible but some like rar have a option to encrypt file name also ie you cannot see the names of the files in 
the archive untill you have the password..

-aditya


________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]