[Esa-l]Sircam with application/mixed
IT Department - CI Holding Group, Inc.
it at ciholding.com
Thu Aug 2 08:54:53 PDT 2001
At 08:40 PM 7/31/2001 -0600, Lee Howard wrote:
>Both. Because of local needs, I do not poison anything based on filename
>extension, only on complete filename (i.e. "happy99.exe"). And, the
>antivirus program gives me some reassurance that this should generally be
>enough. The sanitizer does a wonderful job of defanging potentially
>dangerous attachments to our Microsoft Outlook mail client base. We are
>fortunate that the user base is intelligent enough to think twice before
>defanging an attachment to run it.
I used to think that way as well, until we were hit with some unknown
virii. Luckily, now I do double-extension blocking (per John's filter),
and we have prevented Melissa, I Love You, SirCam, Hybris et al.
I think that if we had not been blocking those patterns, we too would have
been a victim of the dreaded "click" that most users do without thinking
twice (even w/ training).
Thanks John!
tmp
i n f o r m a t i o n t e c h n o l o g y d e p a r t m e n t
-------------------------------------------------------------------------------
C I H O L D I N G G R O U P , I N C
e-mail:// it at ciholding.com tel:// +1 (760) 471-8536
fax:// +1 (760) 471-0399
More information about the esd-l
mailing list