[TriLUG] How not to run a network
Dan Monjar
dan at daijin.dissimulo.com
Wed Feb 16 09:43:58 EST 2005
William Sutton wrote:
> - any files with extensions (it seems) other than .txt or .dat are banned
> from email attachments (but you can rename them to .dat if you like...)
>
I am a corporate IS security geek and I do this... actually I strip 10
or so attachments from mail messages. Anything executable like .cmd,
.exe, .bat, .scr, etc.... If you want to send it out then rename it to
something innocuous. It prevents dumbasses from clicking on unknown
attachments and prevents *helpful* programs from running things auto
magically. Haven't had an email virus since the Kournikova one.
Since W2K added native zip handling I strip those as well.
If you can't or won't rename a file then your computer should be taken away.
--
Dan Monjar
More information about the TriLUG
mailing list