RE: Block TGZ files with GFI DownloadSecurity.
- From: "David Farinic" <davidf@xxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 6 Jun 2003 11:22:05 +0200
Add "application/x-tar" to the Scanned Content Types from Microsoft ISA
management -> ISA servers -> Extensions -> Web filters node ->
Properties of GFI DownloadSecurity web filter.
That's should be enough.
BTW: It will be added to the default set of scanned content types in
next version of DS.
With Regards David Farinic
-----Original Message-----
From: Jean-Claude CORNELY [mailto:Jean-Claude.CORNELY@xxxxxx]
Sent: Friday, June 06, 2003 10:31 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Block TGZ files with GFI DownloadSecurity.
http://www.ISAserver.org
Hello,
I use the GFI Download Security to block all the downloads made through
Isa Server. But a few days ago, a virus pass through the Download
Security whereas it was configured to block all download. The virus was
in a .TGZ archive.
It seems that Download Security don't scan or block this type of files.
I contact the GFI support but they didn't help me much. Here is what
they said:
I have noticed that GFI Download Security only scans certain Content
Types. Would I be able to scan all the files downloaded by the users?
_____
The information in this article applies to:
* GFI Download Security for ISA Server 5
_____
Article ID: KBID001560
Query keywords:
In general, files for which no specific Content Type exists would have
the Content Type application/octet-stream. Examples of such file types
include mp3 and hlp etc.
However, there may be cases where a file has a custom Content Type. In
this case, GFI DownloadSecurity would not scan the file, unless the
custom Content Type is inserted into the Scanned Content Types from
Microsoft ISA management -> ISA servers -> Extensions -> Web filters
node -> Properties of GFI DownloadSecurity web filter.
GFI DownloadSecurity is checking the header for all the objects and
overwriting the Content Type definitions for the following objects:
Executables -> application/x-msdownload
Java applets -> application/java
Flash objects -> application/x-shockwave-flash
Zipped objects -> application/x-zip-compressed
Can someone help me a bit more an tell me what I have to do exactly.
Thanks,
Jean-Claude Cornely
BEA S.A.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
davidf@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
This mail was content-checked for malicious code and viruses
by GFI MailSecurity. GFI MailSecurity provides email content
checking, exploit detection and anti-virus for Exchange &
SMTP servers. Spam, viruses, dangerous attachments and
offensive content are removed automatically. Key features
include: Multiple virus engines; Email content & attachment
checking; Exploit shield - email intrusion detection & defence;
Email threats engine - analyses & defuses HTML scripts,
.exe files & more.
In addition to GFI MailSecurity, GFI also produces the GFI
FAXmaker fax server & GFI LANguard network security product
ranges. For more information on our products, please visit
http://www.gfi.com. This disclaimer was sent by GFI MailEssentials
for Exchange/SMTP.
Other related posts:
