Re: Why can't ISPs stop spam/virus ?!

From: Ed Murphy (emurphy42_at_socal.rr.com)
Date: 09/22/03 

Date: Mon, 22 Sep 2003 09:28:33 GMT

On Mon, 22 Sep 2003 01:58:06 -0700, Paul Lutus wrote:

>>> You've never acutally looked at the list of executable extensions that MS
>>> uses, have you?

>> Here's my current list of Stuff I Never Ever Want:
>>
>> com|exe|bat|pif|scr|vbs|hta|msi|dll|bas|wsh|vbe|wsf|shs
>>
>> Am I missing anything?

> Yes. To start with, all the Microsoft Office document types, any of which
> can contain auto-executing (on document opening) macros.

I don't have Microsoft Office, so it's not a problem for me
personally. Granted it's a sticky wicket for Windows users.

> Then the various
> executable Windows script types, a list that grows longer with each passing
> year. Both largely missing from your list above.

Mind sharing with the class? Hell, I don't even know what
some of those are; I grabbed the list from a web page that
was posted here the other day, and added MSI myself. (I
edu-guess that WSH and WSF refer to Windows Scripting, which
in turn I edu-guess is a fancification of the old DOS .BAT
files. I have no idea what SHS is, but I've never wanted
any files with that extension, so I left it in the filter.)

Another possible approach is to allow certain known-harmless
extensions (e.g. txt|html|pdf|gif|jpg|png), trash known-risky
extensions, and put anything else in a "check me" folder. If
something shows up there, then its extension can be considered
for addition to one of the other lists.

>>> Back to smtp - I have to let legitimate attachments/downloads through; we
>>> regularly send/receive files of all sorts sorts of extensions, including
>>> .exe, and sometimes exceeding 10MB.
>>
>> I would highly suggest zipping them, and/or coming up with a method of
>> transfer other than e-mail (e.g. FTP).
>
> Doesn't address the original issue. Ultimately someone unzips the file and
> has to decide how to proceed. Just like now.

But you can allow zips while disallowing executables, which is a lot
easier to automate than allowing legitimate executables while
disallowing virus executables.

Relevant Pages

  • Application mapping - how can I dig deeper?
    ... Our dBASE executable files (.DBW extension) were generating 404 Errors ... When I add a web service extension pointing to the ... So my best assumption here is that the .dbw invokes other executables ...
    (microsoft.public.inetserver.iis)
  • Re: File compatibility issues with LAN drive
    ... launch the application registered for that file extension. ... normally not make any difference from the point of view of windows. ... problem because Windows always wants to start them as executables. ... There are some really wild differences between *nix file permissions ...
    (sci.electronics.design)
  • Re: GP not applying for W2000 TS User
    ... Make sure your loopback setting is in a different policy than your other ... > Here's a verbose version of the user env log: (the GPO is ... > lists are the same. ... > and no security group membership change and extension ...
    (microsoft.public.win2000.group_policy)
  • Re: [SLE] CPU-Z For Linux?
    ... I went to my CLI and typed the /proc/cpu info. ... /proc/* are text files, not executables or scripts. ... extension. ... All the information is in KInfoCenter. ...
    (SuSE)
  • Re: list conversion to mallocd memory
    ... >> be called from my tcl C command extension to pass data back and forth ... > convert only between arrays of numbers and Tcl lists, ... it into an long array which i feed to the card. ...
    (comp.lang.tcl)