nanog mailing list archives
Re: dealing with w32/bagle
From: "Dominic J. Eidson" <sauron () the-infinite org>
Date: Wed, 3 Mar 2004 14:54:06 -0600 (CST)
On Wed, 3 Mar 2004, Brian Wilson wrote:
Quoting Dan Hollis <goemon () anime net>:I am curious how network operators are dealing with the latest w32/bagle variants which seem particularly evil.I am also interested in what network/mail folks are doing about this situation. Blocking all zip files at the mail level is next to impossible (since of course when we started blocking executable files, we told people to zip up executables) and since business can't be taken care of without someone requiring zip files to pass. I will be the first to admit that using mail as a file transfer protocol isn't the way to go, but getting people to realize that (and forcing them to change) is next to impossible.
Blocking all zip/exe/pif/etc files - seems to work pretty well here - granted, it's on a smaller scale (~6k users, ~50k emails/day, ~7k mails rejected/day, ~7k spam filtered/day) - d. -- Dominic J. Eidson "Baruk Khazad! Khazad ai-menu!" - Gimli ------------------------------------------------------------------------------- http://www.the-infinite.org/
Current thread:
- dealing with w32/bagle Dan Hollis (Mar 03)
- Re: dealing with w32/bagle Brian Wilson (Mar 03)
- Re: dealing with w32/bagle Dominic J. Eidson (Mar 03)
- Re: dealing with w32/bagle Jeffrey I. Schiller (Mar 03)
- Re: dealing with w32/bagle Chris Edwards (Mar 03)
- Re: dealing with w32/bagle Curtis Maurand (Mar 03)
- Re: dealing with w32/bagle Laurence F. Sheldon, Jr. (Mar 03)
- Re: dealing with w32/bagle Curtis Maurand (Mar 04)
- Re: dealing with w32/bagle Jeff Shultz (Mar 04)
- Re: dealing with w32/bagle Laurence F. Sheldon, Jr. (Mar 04)
- Re: dealing with w32/bagle Crist Clark (Mar 04)
- Re: dealing with w32/bagle Curtis Maurand (Mar 04)
- Re: dealing with w32/bagle Sam Stickland (Mar 05)
- Re: dealing with w32/bagle Brian Wilson (Mar 03)