On Mon, 01 Mar 2004 at 21:04:55 -0500, Derrick 'dman' Hudson wrote:
Is the zip file really encrypted, or is the password just an
Really.
advisory flag that an unzip tool is supposed to honor? If its the
latter, then clamav could just ignore the password to unpack and scan
the archive
On Tue, 02 Mar 2004 at 3:38:32 -0500, jef moskot wrote:
On Tue, 2 Mar 2004, Tomasz Papszun wrote:
So please folks, stop submitting encrypted zip files (without a full
message) to us as it's quite impossible to create a signature for them.
Does this mean you still want samples including
On Tue, 2 Mar 2004, Tomasz Papszun wrote:
As usually: only if ClamAV with an up-to-date database isn't detecting
an infection in a sample. In this particular case a sample = a full
message sample.
Roger that. Up until a few minutes ago, a few samples had gotten through,
but things look good
On Tue, Mar 02, 2004 at 09:37:48AM +0100, Tomasz Papszun wrote:
| On Mon, 01 Mar 2004 at 21:04:55 -0500, Derrick 'dman' Hudson wrote:
|
| Is the zip file really encrypted, or is the password just an
|
| Really.
Oh, ok. I guess zip files can be more secure than I assumed at first.
-D
--
I
At 10:04 AM 3/2/2004 +0100, Tomasz Papszun wrote:
As usually: only if ClamAV with an up-to-date database isn't detecting
an infection in a sample. In this particular case a sample = a full
message sample.
OK - I am still receiving emails containing a PW-protected zip with this
virus. Should I
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of B.K. DeLong
Sent: 2. marts 2004 17:06
To: [EMAIL PROTECTED]
Subject: Re: [Clamav-users] Re: password-protected Worm.Bagle.F
OK - I am still receiving emails containing a PW-protected
On Tue, 02 Mar 2004 at 11:05:53 -0500, B.K. DeLong wrote:
At 10:04 AM 3/2/2004 +0100, Tomasz Papszun wrote:
As usually: only if ClamAV with an up-to-date database isn't detecting
an infection in a sample. In this particular case a sample = a full
message sample.
OK - I am still receiving
Bill Taroli,
BT Perhaps a silly question... if the .ZIP attachment is passworded, how
BT are the target users supposed to be opening them and getting infected?
BT Has the password been included in the email in which the .ZIP was attached?
Perhaps the password is in the message :
Open my
On Mon, Mar 01, 2004 at 09:06:12PM +0100, Erik Corry wrote:
| On Mon, Mar 01, 2004 at 05:31:35PM +0700, Fajar A. Nugraha wrote:
| Bill Taroli wrote:
| However, judging from the fact that it IS spreading in my network now,
| some people tend to do exactly that.
|
| Kaspersky have added the