Password Protected .rar files
Hugo van der Kooij
hvdkooij at vanderkooij.org
Sat Apr 28 22:07:14 IST 2007
On Sat, 28 Apr 2007, Drew Marshall wrote:
> One of my clients has recently been sent a password protected rar file. The
> body of the mail is a gif image which uses social engineering (Based on the
> user having a virus and the attached file has the miracle cure) to open this
> file.
>
> This went sailing through MailScanner, passed F-Prot, Clam & Bitdefender and
> passed the option to not allow password protected archive files. I have
> checked my path to unrar, which is fine and all the other parameters are all
> ok too.
>
> First question: Any one else seen these?
I am not sure if rar is not a bit peculiar about password protected files.
BitDefender allows no explicit blocking of password protected files.
f-prot does not have a commandline option for this either.
clamscan has the --block-encrypted option but I am not aware of an
equivalent for the module configuration.
Hugo.
--
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
This message is using 100% recycled electrons.
Some men see computers as they are and say "Windows"
I use computers with Linux and say "Why Windows?"
(Thanks JFK, for the insight.)
More information about the MailScanner
mailing list