> "Noonan, Wesley" <[EMAIL PROTECTED]> said:
> Blocking all .vbs seems like a little overkill to me...
Why is it overkill? From a security standpoint running an unknown executable is an
open invitation to disaster. I know there is great utility in automatically running
executables, but it is fraught with danger.
This is not just an MS problem, although their software has some really bad security
design features. To cite an example, in the early days on the Internet, the lowly vi
editor added a feature to allow execution of macros imbedded in text files. This
allowed setting editor controls automatically for specific document types. It was
deemed a bad feature and removed, since you could run any arbitrary program when a user
opened a file with the editor. With this particular feature it was easy to set a trap
for a user running with superuser privileges and create a root backdoor.
The VBS problem continues to plague email systems. The worms are easy to write and
easy to distribute and there are enough non-security aware email users to redistribute
them. Until software designers write code with security in mind coupled with a
concerted effort at user training, we will continue to see these kinds of problems.
--
Smoot Carl-Mitchell
Strategic Technologist - Managed Services