Blocking Nimda by using LANguard
- From: "Sandro Gauci" <sandro@xxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 20 Sep 2001 15:17:48 +0200
Nimda Infected HTTP servers will try to also infect anyone browsing the web
site it is hosting.
Configuring LANguard for ISA server to block eml files through HTTP:
1. In the file checking create a new rule by clicking on "New rule" button
2. Double-click the new rule to modify it.
3. Select all the attachment types and click on remove
4. Click on add and type in eml
5. In the actions tab select Delete object instead of quarantine object.
6. Be sure that both "Notify user via e-mail" and "Notify moderator via e-mail"
are selected
This rule will make sure that all eml files are blocked at ISA-Server and never
reach your Internet Explorer clients.
Check out http://www.languard.com for more information about this product.
If you need more information about the worm, check out
http://www.gfi.com/press/nimdaworm.htm
Kind Regards
Sandro Gauci
Security Engineer
http://www.gfi.com
GFI - Security & communications products for Windows NT/2000
http://www.gfi.com
**********************************************************
This mail was content checked for malicious code or viruses
by Mail essentials. Mail essentials for Exchange/SMTP is an
email security, content checking & anti-virus gateway that
removes all types of email-borne threats before they can affect
your email users. Spam, viruses, dangerous attachments & offensive
content can be removed before they reach your mail server.
In addition it has server-based email encryption, disclaimers
and other email features.
***********************************************************
In addition to Mail essentials, GFI also produces the FAXmaker
fax server product range & LANguard internet access control &
intrusion detection. For more information on our products please
visit http://www.gfi.com
Other related posts:
