
List:       focus-virus
Subject:    RE: Blocking attachments- RE: Virus blocking *.pif
From:       "Ghetti, Tim" <tghetti () air-worldwide ! com>
Date:       2004-04-13 15:40:10
Message-ID: 8F33D9EEBB5D62419BAE96153191B20F5C504E () gloria ! air-worldwide ! com

Hi friends,

Long time viewer, first time poster....

I would like to get some feedback from this discussion.

My company hosts a web application. We recently decided to let some of
our customers upload small pictures to their accounts.
But instead of storing the pictures at the file system level, we have
decided to store them as part of our database. Now we have discussed
security measures, in limiting the size of the pics and limiting them to
.jpg's only, but no one seems to think that we need to use some sort of
virus/content scanning. Just FYI all of our customers have individual
username/password credentials to log in.

What do you think the necessity of content/virus scanning is to this if
at all?

Cheers

Tim


> -----Original Message-----
> From: Gerard Mannig [mailto:gerard.mannig@laposte.net] 
> Sent: Thursday, April 08, 2004 1:43 PM
> To: focus-virus@securityfocus.com
> Subject: RE: Blocking attachments- RE: Virus blocking *.pif
> 
> 
> On 07/04/2004 10:43 Wednesday +1200, Nick FitzGerald wrote:
> >And, even if you still aren't concerned try similar experiments with
> >renamed .EXE files on different OSes and trying all the ways you know
> >to execute programs
>
> I even remember a utility written by Greg Miskelly back in "old" 1995
> allowing to run executable files (under DOS) which *** DO NOT*** have an
> extension of executable file. IOW, executable files renamed with the
> following extensions (of course not limited to):
> .xxx
> .xyz
> .<letter><letter><letter>
>
> and, better, with NO extension at all, could be executed.
>
> Needless to say that I didn't spread this utility and that I'm still not
> spreading it.
>
> >Now add all the nasty browser (and other) tricks that the bad guys will
> >use to get their code on your users' machines and it gets much worse.
>
> Swapping from IE to professional browsers allows to immediately get rid of
> IE-based flaws. Same goes for M$-based proprietary formats which are
> "compulsory" only for people that want them to be. Additionally, this
> policy fights a monopoly...
> <MODE ACTIVIST AVOIDED>
> 
> 
> 
> 
> -- 
> Gerard Mannig
> ex-member of the Wild List - International Consultant
> 
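
Added example (not part of the original messages): the quoted point that a renamed executable still runs is why a ".jpg only" rule has to look at the uploaded bytes as well as the name. This Python check applies the size limit and then verifies JPEG structure; the 200 KB cap, the function name and the sample bytes are assumptions, and it validates structure only, it does not scan for malicious content.

```python
import struct

MAX_BYTES = 200 * 1024  # assumed cap; the message does not give a figure


def check_jpeg_upload(filename, data, max_bytes=MAX_BYTES):
    """Return (accepted, reason) for an upload that claims to be a JPEG."""
    if not filename.lower().endswith((".jpg", ".jpeg")):
        return False, "extension is not .jpg"
    if len(data) > max_bytes:
        return False, "file too large"
    # The uploader picks the name, so the content has to agree with it.
    if data[:2] != b"\xff\xd8":
        return False, "missing JPEG SOI marker"
    pos = 2
    # Each header segment is FF, marker byte, 2-byte big-endian length
    # (the length counts itself). Walk them until SOS (FF DA).
    # Strict on purpose: optional FF fill bytes between segments are rejected.
    while True:
        if pos + 4 > len(data) or data[pos] != 0xFF:
            return False, "malformed segment header"
        marker = data[pos + 1]
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            return False, "segment length runs past end of file"
        pos += 2 + length
        if marker == 0xDA:  # compressed scan data follows
            break
    if data[-2:] != b"\xff\xd9":
        return False, "missing JPEG EOI marker"
    return True, "ok"


# Constructed sample inputs: a minimal JPEG skeleton (SOI, JFIF APP0, SOS,
# three scan bytes, EOI) and a buffer that merely starts like a DOS/PE file.
SAMPLE_JPEG = (
    b"\xff\xd8"
    b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    b"\xff\xda\x00\x02"
    b"\x00\x11\x22"
    b"\xff\xd9"
)
RENAMED_EXE = b"MZ\x90\x00" + b"\x00" * 60

if __name__ == "__main__":
    print(check_jpeg_upload("photo.jpg", SAMPLE_JPEG))
    print(check_jpeg_upload("holiday.jpg", RENAMED_EXE))
```

Storing the image in a database column instead of the file system does not change this check: the bytes are later served to other users' browsers either way.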
