No subject
Mike McMullen
mlm at LOANPROCESSING.NET
Wed Mar 3 19:16:33 GMT 2004
From: "Dan Hollis" <spamtrap71892316634 at ANIME.NET>
> Would it be possible for Mailscanner to unzip password protected zipfiles
> the same way some of the virus scanners do? Eg look for the text string in
> the message.
>
> It would make mailscanner work with f-prot to catch W32/Bagle.
>
> -Dan
>
Maybe this is a dumb question, but would it be possible to catch virues
in password protected zip files without unzipping them at all?
Could a signature or checksum be calculated that was within a certain error
bounds that said it was the virus zip?
I understand that extra random length files could be added to throw off a
checksum but at some point in the bitstream wouldn't there be a recognizable
pattern?
Mike
More information about the MailScanner
mailing list