On Tue, Mar 02, 2004 at 11:59:19AM -0600, John Jolet wrote: > >> The question is how much of a problem it really is. Are users >> really that dumb? > > yes, they are. i've gotten about 10 of those in the last 3 days.
That doesn't actually prove that anyone typed in the password and got infected. The version with unencrypted zip file can send the version with encrypted zip file to others. The best defence against it (if it really is a problem) might be blocking encrypted zip files with suspicious filenames in them. You can see that the file contains a .exe .pif, etc. ending without the password. That's probably not a task for clamav though, more like MIMEDefang: http://www.mimedefang.org/ Someone seems to have been giving this some thought: http://lists.roaringpenguin.com/pipermail/mimedefang/2004-March/020563.html -- Erik Corry I'd be a Libertarian, if they weren't all a [EMAIL PROTECTED] bunch of tax-dodging professional whiners. - B. Breathed. ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
