On Wed, 2004-03-03 at 07:17, CertaintyTech-Ed wrote: > Anyone else seeing the Bagle-H virus getting thru? I am using Q-S and > sophie and it is not stopping them. Sophie sees that the ZIP file is > password encrypted so can't check it for viruses and Q-S goes ahead and > passes it thru. Does anyone know of any way to catch this one? For now > I am blocking all ZIP attachments...
Please let me know when you find ANY e-mail AV system that can catch this virus... i.e. I don't think so. I know there's one that "catches" it by looking at the content of the text part of the message - before the actual zip attachment - but that doesn't really count. Password protected zip files - and people still get infected! When will the naivety end? This is why we have the phrase "defense in depth". Run e-mail AV systems to get rid of 99% of your viruses, but you still need to run nightly scans over old e-mails (to catch the Day Zeros that got through earlier), and you definitely still need to run AV on workstations (which would catch this particular one - as once the user unlocks the virus, their AV can detect it). Obviously such a luxury is appropriate for corporations, but is impossible to mandate for ISPs/etc... Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
