On Tue, 23 Jun 2009, Kenneth Porter wrote:

> --On Monday, June 22, 2009 5:59 PM -0700 John Hardin <jhar...@impsec.org> wrote:
>
>> On Mon, 22 Jun 2009, Cerebus wrote:
>>
>>> The zip file contains a file with the name:
>>> document.pdf                                                 .exe
>>> (note the long run of spaces)
>>
>> My security sanitizer would quarantine that.
>>    http://www.impsec.org/email-tools/procmail-security.html
>
> As would MIMEDefang. http://mimedefang.org/
>
> The danger is for those users who have filter bypasses configured, as the spaces might make it hard to spot the extra extension.

That's precisely why that particular name pattern is poisoned by default.

--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  USMC Rules of Gunfighting #12: Have a plan.
  USMC Rules of Gunfighting #13: Have a back-up plan, because the
  first one won't work.
-----------------------------------------------------------------------
 11 days until the 233rd anniversary of the Declaration of Independence
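
The name pattern discussed in this thread can be flagged before a user ever sees the attachment. The Python below is an added example, not code from the procmail sanitizer, MIMEDefang, or any poster in the thread: it lists zip member names whose final extension is padded with whitespace or stacked on a document extension. The extension lists, the two-space threshold and the sample archive are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# Assumed (not from the thread): extensions treated as executable on Windows.
EXECUTABLE_EXTS = {"exe", "scr", "pif", "com", "bat", "cmd", "vbs", "js", "lnk"}
# Assumed: document-like extensions a deceptive name tends to imitate.
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png", "zip"}
# A run of 2+ whitespace characters immediately before the final extension.
PADDED_EXT = re.compile(r"\s{2,}\.([A-Za-z0-9]{1,5})$")

def classify_name(name):
    """Return the reasons a member name looks deceptive (empty list if none)."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    reasons = []
    m = PADDED_EXT.search(base)
    if m:
        reasons.append("whitespace-padded extension ." + m.group(1).lower())
    parts = base.split(".")
    if len(parts) >= 3:
        # Strip padding so "pdf      " still counts as the inner extension.
        inner, final = parts[-2].strip().lower(), parts[-1].strip().lower()
        if inner in DOCUMENT_EXTS and final in EXECUTABLE_EXTS:
            reasons.append(f"double extension .{inner} -> .{final}")
    return reasons

def scan_zip(data):
    """Map each suspicious member name in a zip (given as bytes) to its reasons."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            reasons = classify_name(info.filename)
            if reasons:
                findings[info.filename] = reasons
    return findings

def build_sample_zip():
    """Constructed sample: placeholder payloads, only the member names matter."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("document.pdf" + " " * 49 + ".exe", b"placeholder")
        zf.writestr("report.pdf", b"placeholder")
        zf.writestr("setup.exe", b"placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for name, reasons in scan_zip(build_sample_zip()).items():
        print(repr(name), reasons)
```

Names are reported with `repr()` so the padding stays visible in logs instead of being collapsed by the terminal or a mail client.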
