Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Article about virus sending zip files
- Thread starter nh39
- Start date
I beg to disagree.
You NEED to block zip files (and a helluva lot others). That way, when the next zip virus strikes, you will not be vulnerable while waiting for you AV vendor to update its virus signature database.
And this is why, too.
You NEED to block zip files (and a helluva lot others). That way, when the next zip virus strikes, you will not be vulnerable while waiting for you AV vendor to update its virus signature database.
And this is why, too.
Blocking arguably the largest method of transfering legitimate files between networks is silly.
Keep your systems up-to-date across the boards is the answer to virus threats. If you continue to prevent file types from being transfered via email because some script idiot decides to write yet another virus using that file extension will only force you to eventually not permit *any* file being sent via email.
So, disagree all you like, but your method won't work either.
I'm Certifiable, not certified.
It just means my answers are from experience, not a book.
Keep your systems up-to-date across the boards is the answer to virus threats. If you continue to prevent file types from being transfered via email because some script idiot decides to write yet another virus using that file extension will only force you to eventually not permit *any* file being sent via email.
So, disagree all you like, but your method won't work either.
I'm Certifiable, not certified.
It just means my answers are from experience, not a book.
- Thread starter
- #5
I'm with Dalong 100% on the fact that AV vendors can't release updates fast enough. Besides, I've tested both McAfee and Symantec products on the Exchange server to catch compressed files containing malicious codes and success rates don't look confident.
- Thread starter
- #7
- Thread starter
- #8
No idea, I don't use the McAfee product, sorry.
My job as Network Admin is to do everything possible to keep our systems protected and not intrude upon the daily life of users whenever possible. Denying them the ability to send .zip files is a huge intrusion. When the first wave of .zip viruses came out, we temporarily shut down .zip files until we had a handle on what was going on. That lasted just a few days, and it was a huge issue with our users, as it would have been expected to be.
Education is a large part of my job as well, to educate the users what to do and when. The basic approach that if you weren't expecting an attachment from someone, even someone you know, and you don't know what the attachment is or what its for, then you don't open it. Contact the sender to find out why they sent it and what it is. If you can't get hold of the sender, then delete it. If it was important, then they can always resend it.
These latest rounds of viruses were all socially engineered viruses where education of the users is the best approach.
Beyond that, my systems are updated daily with virus sigs, and any Critical Updates from MS when required as well. Does it guarantee we won't get a virus through the system? Absolutely not. But neither does denying the users the ability to send/receive .zip files without having to manipulate them.
I'm Certifiable, not certified.
It just means my answers are from experience, not a book.
My job as Network Admin is to do everything possible to keep our systems protected and not intrude upon the daily life of users whenever possible. Denying them the ability to send .zip files is a huge intrusion. When the first wave of .zip viruses came out, we temporarily shut down .zip files until we had a handle on what was going on. That lasted just a few days, and it was a huge issue with our users, as it would have been expected to be.
Education is a large part of my job as well, to educate the users what to do and when. The basic approach that if you weren't expecting an attachment from someone, even someone you know, and you don't know what the attachment is or what its for, then you don't open it. Contact the sender to find out why they sent it and what it is. If you can't get hold of the sender, then delete it. If it was important, then they can always resend it.
These latest rounds of viruses were all socially engineered viruses where education of the users is the best approach.
Beyond that, my systems are updated daily with virus sigs, and any Critical Updates from MS when required as well. Does it guarantee we won't get a virus through the system? Absolutely not. But neither does denying the users the ability to send/receive .zip files without having to manipulate them.
I'm Certifiable, not certified.
It just means my answers are from experience, not a book.
- Thread starter
- #10
Well, I have to say congrat to you on 2 things.
1) having a working AV software
2) working with the trainable users
I'm with users whom I've tried to teach simple things such as how to create folders and organize their files for a million times and they can never get it.
1) having a working AV software
2) working with the trainable users
I'm with users whom I've tried to teach simple things such as how to create folders and organize their files for a million times and they can never get it.
- Status
