HIPPA password protected zip files
MailScanner at ecs.soton.ac.uk
Tue Oct 25 21:58:32 IST 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
-----BEGIN PGP SIGNED MESSAGE-----
Glenn Steen wrote:
>To add some clarification (or confusion, depending on how you look at
>it:), some AVs might have signatures for specific files, even though
>they don't really decode the files.... But, the main benefit of saying
>"No" to password protected archives is that this is a "proactive
>defense" s where the AV programs mainly are "reactive defenses"....
>The AV signature makers need see the malicious code to be able to make
>signatures for them (yeah, I'm aware of the "new" buzz about heuristic
>scans and sandboxing... won't come into play with a pwd protected
>archive), while saying no will deny any threat posed by allowing it...
>But if you need allow, then yes, do make a ruleset and keep the
>allowed set small (and "numeric";).
As most of you probably realise, I am very strongly in favour of
pro-active protection. It's one of the main differences between
MailScanner and most of the competition, multiple layers of pro-active
defence, meaning that it doesn't matter if your AV signatures are a
little behind while the AV vendors work out their new detection patterns.
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.2 (Build 2424)
-----END PGP SIGNATURE-----
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner