On May 23, 2018, at 1:56 PM, Paul Gilmartin <[email protected]> wrote: > > And other firewalls block .zip instead (or also). After all, a .zip might > contain > anything, including executable code. Some firewalls have a whitelist. And I > dealt recently with one that blocked a .eml (Forward as Attachment). > > MIME-encode it; strip headers; name it *.txt. or wrap it as *.pdf. But don't > rely on a filename as defense against malware. See: "steganography".
Yes. I wasn’t trying to suggest that such firewalls are a good idea, or that renaming to .zip is a good way to get around them. I just was guessing that someone tried to get the .jar file and was blocked, then they complained to the vendor, and someone at the vendor said, “Well, a .jar file is really a .zip file too, so let’s name it that and let them rename it.” -- Pew, Curtis G [email protected] ITS Systems/Core/Administrative Services ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
