[rescue] Re: NetApps
Phil Stracchino
alaric at caerllewys.net
Thu Apr 8 10:39:41 CDT 2004
On Thu, Apr 08, 2004 at 10:17:36AM -0400, Kevin wrote:
> I do not allow any *.zip files through our mail servers and i'm
> able to keep my job just fine. Please enlighten me with your
> proposed solution to the problem?
I think the issue here is, "We're worried about viruses and trojans, but
we're not going to bother actually SCANNING attachments, we're just
going to block anything that has a .zip extension without bothering to
check whether the filetype actually matches the extension or not, so if
you want to trivially defeat our pathetic excuse for a security measure,
just rename your .zip file to .scr or something."
--
.********* Fight Back! It may not be just YOUR life at risk. *********.
: phil stracchino : unix ronin : renaissance man : mystic zen biker geek :
: alaric at caerllewys.net|phil-stracchino at earthlink.net|phil at novylen.net :
: 2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold) :
: Linux Now! ...Because friends don't let friends use Microsoft. :
More information about the rescue
mailing list