[THIN] Re: OT: Security response to BAGLE virus (password protected .zips)

• From: "Evan Mann" <emann@xxxxxxxxxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Thu, 4 Mar 2004 12:49:53 -0500

Just FYI for Symantec users, this ONLY works in 2.1.  The 3.x and 4.x
versions changes the way they handled .ZIPs and adding the + will do
nothing. Symantec support would like to see the old way back, but who
knows if developers will implement it.

=20

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Henry Sieff
Sent: Thursday, March 04, 2004 12:23 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Security response to BAGLE virus (password
protected .zips)

There is a clever way in NAV for Exchange 2.1 to use the
attachment/message blocking features to block these.

Take the executable extensions you are already blocking, and put a "+"
at the end of them ie *.com =3D *.com+ and add these to your blocked
attachments list.



> -----Original Message-----
> From: Claus, Brian [mailto:BClaus@xxxxxxxxxxxxx]
> Sent: Thursday, March 04, 2004 7:28 AM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] OT: Security response to BAGLE virus (password=20
> protected
> .zips)
>=20
>=20
> Just wondering what others are doing to combat the latest BAGLE worm.

> =3D It's password protected so standard AV won't scan into it.  How is =
=3D

> everyone else handling delivery of .zip files now?
>=20
> We're using the Trend Micro AV suite.
>=20
> Do you think the latest password protected BAGLE worm has caused the =
=3D

> demise of password protected .zip files?
>=20
> My immediate opinion in the matter is that password protected .zip=20
> files =3D will now be treated with the same delivery restrictions that =

> the .exe, =3D .scr, .pif, .vbs have come under but I'm not aware of =
any=20
> AV software or =3D other means to differentiate scanning options =
between

> p\w protected .zip =3D files and non p\w protected .zip files.
>=20
>=20
> Thanks,
> =3D20
>=20
>   _____ =3D20
>=20
> =3D20
> Brian Claus, A+, Network+, MCP
> Network Administrator
> WESCO Distribution, Inc.
> 225 West Station Square Drive, Suite 700 Pittsburgh, PA 15219-1122
> Phone:  412-454-2412
> Fax:  412-454-2540
> bclaus@xxxxxxxxxxxxx <mailto:bclaus@xxxxxxxxxxxxx>=3D20
>   _____ =3D20
>=20
> ********************************************************
> This weeks sponsor triCerat Inc.
> triCerat makes your job easier by offering essential applications to=20
> eliminate your printing, policy and profile, and your application=20
> management problems.
> http://www.triCerat.com
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode

> use the below link:
> http://thin.net/citrixlist.cfm
>=20
********************************************************
This weeks sponsor triCerat Inc.
triCerat makes your job easier by offering essential applications to
eliminate your printing, policy and profile, and your application
management problems.
http://www.triCerat.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode
use the below link:
http://thin.net/citrixlist.cfm


********************************************************
This weeks sponsor triCerat Inc.
triCerat makes your job easier by offering essential
applications to eliminate your printing, policy and profile,
and your application management problems.
http://www.triCerat.com 
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

Other related posts:

• » [THIN] OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)
• » [THIN] Re: OT: Security response to BAGLE virus (password protected .zips)

1. Home
2. thin
3. Archive
4. 03-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---