Chris, On 06/24/2011 01:37 PM, Christian Sciberras wrote: > You shouldn't filter against known files, but do the reverse, you should > filter against known good files. > > Oh and the medium you decide to throw this data should have special checks > against execution etc... >
Yeap! I know that, "yes to white lists" and "avoid the use of black lists", and other stuff related to a secure file up-loader, but the filter I'm trying to bypass is like the one I described. anyway, thanks for your quick response! regards, -- Nahuel Grisolia - C|EH Information Security Consultant Bonsai Information Security Project Leader http://www.bonsai-sec.com/ (+54-11) 4777-3107 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
