[Dshield] door opener

David Sentelle David.Sentelle at cnbcbank.com
Fri Aug 24 20:51:35 GMT 2001


Speaking of ZoneAlarm and email viruses.  I recently got an email from a spoofed email address with an attachment that had a .ZL9 attachment.  At first I thought this was some sort of script for setting up a rule in my ZoneAlarm which would open ports for a trojan, MS-networking, or some other nefarious purpose.  

Regardless of the fact that it's default association was with ZoneAlarm, it was an EXE file, as I dragged it into notepad and saw the telltale 'This program cannot be run in DOS mode' text in the first part of the file.  

Anyone heard of anything like that?  If the odd .ZL9 extension peaks anyone's interest I would be glad to forward it via means other than the listserv.

Happy Weekend everyone!)



―- Original message ―-
Message: 3
From: "Samuel" <Samuel at socal.rr.com>
To: <dshield at dshield.org>
Subject: Re: [Dshield] door opener
Date: Fri, 24 Aug 2001 09:36:50 -0700
Reply-To: dshield at dshield.org 

You say that you suspect that your system was intruded through email, and it
is my understanding that ZoneAlarm will protect us from that. ZoneAlarm's
purpose is as a firewall but it also has a feature that is effective on
email too. There are many other software that will shield us from intruders
attempting to get in through email.


----------------------------------------
David Sentelle
Network Operations Specialist
Commerce National Bank
614.334.6282 Voice    614.848.8830 Fax

"I.T. happens!)"

This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this e-mail in error, please notify admin at cnbcbank.com and delete it from your system.




More information about the list mailing list