Archives with passwords
tony.johansson at SVENSKAKYRKAN.SE
Mon Nov 24 18:54:04 GMT 2003
I dont know if anyone noticed but this is now a technique that is beeing
used, see http://www3.ca.com/virusinfo/virus.aspx?ID=37602
I took a brief look at the "file" commands /usr/share/magic and instantly
broke out in hives...
Wouldn't it be easier to implement a "deny encrypted archives" through
command line scanners that say something intelligent? I've tried the ones I
trend: *** Scan error -92
inoculan: Failed to extract <file> Reason:4
f-secure: ERROR: Password protected file
>>Does "Block Encrypted Messages" also stop password protected archives
>>(zip/rar etc) ?
>No. It stops encrypted messages, not just encrypted attachments.
>>If not, can I stop these files in some other way?
>Use the Filetype checking, once you can get the "file" command to recognise
>Professional Support Services at www.MailScanner.biz
>MailScanner thanks transtec Computers for their support
>PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
More information about the MailScanner