[SWLUG] thoughts on mydoom
nat
nat at nuqe.net
Thu Jan 29 11:36:39 UTC 2004
earlier <kneecaps at shockpulse.co.uk> wrote...
> I have to agree! The main difference is..if a user runs an malicious
> e-mail attachment in an OS such as Windows..there is practically no
> limit to the damage it can do...total HDD format if it wants :D
easily solved, strip off all windows executable files on the mail server
before the message reaches the user; .exe .com .vbs .bat .pif .scr etc.
also remove any password protected zip or other types of archive file,
as the virus checker cant scan the contents of these.
after that i force conversion of any html emails to plain text and push any
attachments through a virus checker that's definitions are scheduled to
update hourly.
so far none of the 300 mailboxes i'm hosting for people have become
infected.
this doesnt stop the never ending problem of users click 'yes' on activex
components like gator and stuff though.
nat,
--
http://photos.nuqe.net
More information about the Swlug
mailing list