On 12/29/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > So far we have been lucky at EWEB I think > > we do block .wmf and .emf files at the proxy ( though this wont protect > renamed files ) > > we also are blocking 195.225.176.x - 195.225.177.x which is where > most of the exploits are coming from ( Ukraine ) > > .. and a lot of fingers crossed until a patch comes out.
It does use a standard file header, and can be relatively easily blocked by snort http://isc.sans.org/ has the snort rules, up now. -- http://Zoneverte.org -- information explained Do you know what your IT infrastructure does?
_______________________________________________ EUGLUG mailing list [email protected] http://www.euglug.org/mailman/listinfo/euglug
