[Full-Disclosure] Re: E-Mail viruses
nobody at tatooine.homelinux.net
Sat Mar 6 00:47:13 GMT 2004
Curt Purdy wrote:
> Valdis.Kletnieks wrote:
> > So let's see.. the same bozos who read the text part of the
> > virus, get the password, and
> > use that to unzip the rest of the virus won't read the text
> > part, get the rename to do,
> > and.....
> > Color me dubious....
> Methinks you misunderstand. Only the proprietary extension, i.e. .inc or
> .xyz or .whatever, would be allowed through, and since virus writers would
> never use this extension, it would eliminate ALL viruses at the gateway.
> The nice thing about this approach is that it completely eliminates the need
> for any anti-virus on the mail server since all virus attachments are
> automatically dropped without the need for scanning. Quite a simple, yet
> elegant solution, if I do say so myself.
Elegant, indeed. Have an MCSE on that.
I wonder why virus writers didn't think of that yet.
Dear Microsoft Windows User,
[insert usual "install this patch immediately" here]
For security reasons, the upgrade installer has been renamed to update.eex
and cannot be executed directly. [insert "this tremendously elegant
solution keeps you safe from viruses, because..." here].
To install this critical service pack, save the attachement to disk, rename
it to update.exe and double-click it.
Thanks for your attention, etc. pp.
[attach your favourite update.eex]
Thank your for this inspiration.
Full-Disclosure is hosted and sponsored by Secunia.