[Mimedefang] Virus statistics (was: One that the default filter missed...)

Michael D. Sofka sofkam at rpi.edu
Fri May 24 16:49:44 EDT 2002


At 04:31 PM 5/24/2002 -0400, David F. Skoll wrote:
>Well, not really.  If students have to mail assignments, just tell
>them to zip them up.  (or tar them up on UNIX boxes or Squish them [whatever]
>on Macs.)
>
>I think asking people to zip up executables is reasonable, and it stops
>most viruses because of the added human interaction required for propagation.

Short term solution, at best.  It's easy to click on a .zip file and run
an infected attachment now.  Eventually viruses will explong .zip as
a way past filters.

A holding pen is a possibility we're seriously thinking about.  Because,
as you say, letting through executables is risky due to the delay before
new scanning patterns are available.  It would be nice to have a system in
place before it is needed.  This could be combined with a system to put
executables into Web space, with the link made available after a suitable
delay.

Mike

--
Michael Sofka                          sofkam at rpi.edu
CCT Sr. Systems Programmer  email, webmail, listproc, TeX, epistemology.
Rensselaer Polytechnic Institute, Troy, NY.    http://www.rpi.edu/~sofkam/




More information about the MIMEDefang mailing list