Re: [Clamav-users] What's this? I can't believe it!

Mon, 21 Jan 2008 06:07:32 -0800 

On Sun, 20 Jan 2008 21:53:39 -0600
Brandon Perry <[EMAIL PROTECTED]> wrote:

> That still seems a bit "over-the-top". Sure, better safe than sorry,
> but I wouldn't just blindly delete any exe that I come into contact
> with (via email or otherwise). Especially on Linux, you can get
> archives zipped into an exe format that are unzipped via unzip -a.
> That is quite a common format in the Windows world, and I haven seen
> a few times within the Linux world also. Magic numbers can't tell it
> is an archive, so you would think it is just a regular binary, but I
> know for a fact Dell does many of their drivers in this format.
> 
> With the whole Intel thing, even through emulation, this could be a
> stretched argument. Sure, there are architecture-independent viruses,
> but I haven't heard of a virus that can attack on any platform through
> the architecture itself. I am sure that in the future, these will be
> common, but I don't think this is something that we should be worrying
> about now. Please correct me if I am wrong in saying this as I am not
> pretending to know everything about the virus infections, this is just
> from experience.

Since, potentially any file could be executable, why not simply delete
every file, irregardless of whether or not it is a proven VIRUS or
contains other undesirable content? The naysayers would have us
simply delete any file based on an unproven pretext that the file might
be undesirable.

As the above poster stated, many files are distributed as compressed
'exe' files. To delete them out of blind ignorance is totally
unacceptable in any well organized business environment.

If the receiving mail system has installed proper safeguards; i.e., AV
and associated mail scanning software and assuming the SA actually
keeps the software and their associated data files current, the chance
of a disaster occurring are negligible. Of course, if an individual
want to guarantee virtually 100% security, all they need do is unplug
their machine.

-- 
Gerard
[EMAIL PROTECTED]

The Feynman Problem-Solving Algorithm:
        (1) write down the problem.
        (2) think very hard.
        (3) write down the answer.

                Murray Gell-Mann

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Reply via email to