[Dshield] Email blocking security question

Coxe, John B. JOHN.B.COXE at saic.com
Wed Mar 5 00:07:12 GMT 2003


Others, like .chm and .js, might be considerations.  Some AV products open
zip files looking for virus or blocked filetype content.  If you have such a
product in place, the need to block zip is reduced.  This is defeated by
password protected zips and encrypted email.  But neither of those are
really an issue with regard to the subject here.  .exe is a sticky matter.
Depending on the business on the network, there may be expressed needs to
distribute self-extracting archives through email.  But my experience has
been that most .exe attachments are jokes, viruses or software installers
that are better related outside of email (like with simple web links)...oh
and JDBGMGR.exe sent to replace deleted ones for people who fell for that
hoax.

-----Original Message-----
From: Richard Roy [mailto:RoyR at justicetrax.com]
Sent: Tuesday, March 04, 2003 2:17 PM
To: list at dshield.org
Subject: [Dshield] Email blocking security question


I have a security question that has come up as a sort of internal
debate.   Archive files (.zip) specifically.  Do you allow them thru the
firewall in email attachments?  Some of my peers feel they should be
blocked as they can be autoexecuted.  I'm not sure, I didn't think they
could be but we need to be safe these days.  Currently we block .pif,
.scr, .exe, .bat, .vb*, .com    anyone think of any others.
Thanks

Richard Roy
Network Administrator
JusticeTrax Inc
602-938-0059 x102
royr at justicetrax.com

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list