Malware "best practices"
Drew Van Zandt
drew.vanzandt at gmail.com
Wed Jul 26 15:25:01 EDT 2006
> I find blocking all executable files in email and on the web is
> pretty effective.
I feel for any engineers who have to fight that system. Blocking by
executable extension is one thing (I can rename) but scanning to see
if it WOULD BE executable if someone renamed it is asshattery on a
grand scale. (Renaming the file automatically to
IFYOURUNTHISANDITKILLSYOURCOMPUTERITWILLNOTBEABLETOHELPYOU.blah.xex is
more reasonable.)
Yes, I've had to try to work around broken policies like that and no,
they didn't last - the cost incurred by an engineering group dealing
with restrictions like that is LARGE. Once it was documented, it was
fixed. (For engineering only, though.)
--DTVZ
More information about the gnhlug-discuss
mailing list