Rikku
Thread Starter
- Joined
- Dec 11, 2001
- Messages
- 743
Check out this quote I got about a new virus called 'Gokar'.
"Infected e-mail arrives in user inboxes with dozens of combinations of different subject lines, body messages and filenames, though each attachment will end with the .PIF, .SCR, .EXE., .COM or .BAT extensions, the companies said."
"Users should check with their antivirus companies for software updates. Companies are urged to block attachments, especially .exe., .scr. and .pif file, at their mail gateways to avoid infection."
This isn't anything new, but I'm struggling with the issue of blocking such attachments at my gateway. To me, stripping all attachments as a precaution isn't a fun idea.
Right now I'm blocking .vbs .shs .pif at my virus gateway.
Not many files that aren't viruses come through with those extensions. (although someone emailed me a zip file update to PcAnywhere with tons of scrap files (shs) and it got totally trashed - the gateway opened it up, stripped the files out, zipped it back up! not cool!)
So what should I realistically block? Users send who knows what stuff back and forth all the time. I can see where users would be legitimately emailing .exe and .scr files. I hate having to reduce my network's functionality because of possible virus threats -- it makes me feel like they've beaten me without even infecting my system!
So whaddya think?
"Infected e-mail arrives in user inboxes with dozens of combinations of different subject lines, body messages and filenames, though each attachment will end with the .PIF, .SCR, .EXE., .COM or .BAT extensions, the companies said."
"Users should check with their antivirus companies for software updates. Companies are urged to block attachments, especially .exe., .scr. and .pif file, at their mail gateways to avoid infection."
This isn't anything new, but I'm struggling with the issue of blocking such attachments at my gateway. To me, stripping all attachments as a precaution isn't a fun idea.
Right now I'm blocking .vbs .shs .pif at my virus gateway.
Not many files that aren't viruses come through with those extensions. (although someone emailed me a zip file update to PcAnywhere with tons of scrap files (shs) and it got totally trashed - the gateway opened it up, stripped the files out, zipped it back up! not cool!)
So what should I realistically block? Users send who knows what stuff back and forth all the time. I can see where users would be legitimately emailing .exe and .scr files. I hate having to reduce my network's functionality because of possible virus threats -- it makes me feel like they've beaten me without even infecting my system!
So whaddya think?
