Block TGZ files with GFI DownloadSecurity.
- From: "Jean-Claude CORNELY" <Jean-Claude.CORNELY@xxxxxx>
- To: "Liste ISA (E-mail)" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 6 Jun 2003 10:31:12 +0200
Hello,
I use the GFI Download Security to block all the downloads made through Isa
Server. But a few days ago, a virus pass through the Download Security whereas
it was configured to block all download. The virus was in a .TGZ archive.
It seems that Download Security don't scan or block this type of files. I
contact the GFI support but they didn't help me much. Here is what they said:
I have noticed that GFI Download Security only scans certain Content Types.
Would I be able to scan all the files downloaded by the users?
_____
The information in this article applies to:
* GFI Download Security for ISA Server 5
_____
Article ID: KBID001560
Query keywords:
In general, files for which no specific Content Type exists would have the
Content Type application/octet-stream. Examples of such file types include mp3
and hlp etc.
However, there may be cases where a file has a custom Content Type. In this
case, GFI DownloadSecurity would not scan the file, unless the custom Content
Type is inserted into the Scanned Content Types from Microsoft ISA management
-> ISA servers -> Extensions -> Web filters node -> Properties of GFI
DownloadSecurity web filter.
GFI DownloadSecurity is checking the header for all the objects and overwriting
the Content Type definitions for the following objects:
Executables -> application/x-msdownload
Java applets -> application/java
Flash objects -> application/x-shockwave-flash
Zipped objects -> application/x-zip-compressed
Can someone help me a bit more an tell me what I have to do exactly.
Thanks,
Jean-Claude Cornely
BEA S.A.
Other related posts:
