bagle-i worm
Martin Hepworth
martinh at SOLID-STATE-LOGIC.COM
Tue Mar 2 17:38:43 GMT 2004
Won't help
ClamAV does spot this stuff though..
Also Julian's latest 4.28.2-2 doesn't catch it either (even though it
should!). I guess he's got real work on at the moment, or scratching his
head as to why it didn't work :-)
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Marco Obaid wrote:
> The worm DOES provide the user with the password :)
> Some of our users, as little techie as they are, managed to extract and
> execute the zip file ...
>
> Sophos, in my case, has been able to intercept Bagel A through F. For some
> reason, it failed to do so for the Bagle.I. I am upgrading Sophos to the March
> relesse and will Upgrade MS to latest-stable. Then I will test if Bagle.I will
> make it through this time before I re-allow zip attachments on my site.
>
> Quoting Stephen Conway <sconway at WLNET.COM>:
>
>
>>Good day:
>>
>>Correct me if I am wrong, but if the zip is password protected, how would
>>the end user open it w/o a password? So should I be worried if some get
>>through? We have clients with slow Satellite connections, so it is
>>difficult for them to upgrade their virus defs, so we are there only line of
>>defense. Is there a way for Sophos to scan password protected zip files?
>>
>>Thanks,
>>
>>SC
>>
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote confirms that this email message has been swept
for the presence of computer viruses and is believed to be clean.
**********************************************************************
More information about the MailScanner
mailing list