|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: David F. Skoll (dfs
roaringpenguin.com)Date: Mon Feb 25 2002 - 17:52:51 CST
On Mon, 25 Feb 2002, Eduardo R. Maciel wrote:
> An antivirus mailscanner should check the filesizes inside a
> compressed file like .tar.gz, .zip, .bz2, etc, BEFORE open the file
> for scanning.
MIMEDefang, in its normal configuration, does not look inside compressed
files or archives.
In general, I believe it is unwise for any virus scanner to look
inside compressed files or archives unless explicitly told to do so in
an interactive invocation. The extra steps required to open such
files and extract and execute the viral payload make it highly
unlikely that viruses would propagate in this way.
Viruses rely heavily on social engineering for propagation. Archives
and compression make such social engineering difficult.
-- David.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]