[Dshield] Password protected Bagle.F

Jim Race vimages at well.com
Sat Mar 6 05:49:31 GMT 2004


Ernest Eustace wrote:

> I was wondering what, if anything some of you have done to allow access to
> ZIPs but still keep the network secure. I am certainly not going to be
> allowing ZIPs in any time soon, our gateway A/V firewall (FortiGate) is
> registering over a 1000 infected ZIPs quarantined daily.

There are other methods of compressing files that are as effective, yet 
obscure enough that virus and worm writers don't commonly use the file 
extensions they generate. I'd also guess that the vasy majority of 
non-compressed CAD files have extensions that are also not exploited by 
those same people.

http://www.cad2cam.com/list/

If you have to compress for bandwidth considerations, use an 
alternative. Odds are your suppliers will understand, or at least get 
used to the extra measure of security. If you don't have a bandwidth 
issue, send through the file with the proper extension (obscure as it 
may be) and scan all attachments.

-jim




More information about the list mailing list