Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
RE: AW: [suse-security] NAI on unix do not find actual virus
  • From: suse@xxxxxx
  • Date: Thu, 11 Mar 2004 10:47:04 -0500
  • Message-id: <20040311104704.e3h1thcswowgs4o4@xxxxxx>
Quoting Tom Knight <thomas.knight@xxxxxxxxxx>:
>
> Has anyone here tried the possible method I mentioned in an earlier post?
>
> "Okay, how to get round this?
>
> Possibly tell your scanner to reject .zip files containing
> files with extension .exe+. .com+ etc etc.
>
> I haven't actually received a single one of these .zip files,
> but the above tip was one I saw on the NTBugTraq list which
> apparently works with Norton Anti-Virus for Exchange V2.1. I
> imagine amavis/clamAV would be able to be configured this way."
>

And how would the scanner know what files were in the *ENCRYPTED* zip? That's
the whole problem with worms hidden in encrypted zips. If the scanner could
open them to see what files were there, it would just scan the files normally.

< Previous Next >
References