[Esd-l] How to mangle contents of a .zip file?

Brian Hampton bhampton at hisolutions.net
Tue Mar 9 09:19:42 PST 2004


I recently set up .141 so that I could deal with all of the Beagle/Bagle
.zip viruses shooting around.  But we do send quite a lot of legitimate
executables within .zip files.

I misunderstood the new .zip file features, thinking it would simply
mangle the name within the .zip file according to the same
MANGLE_EXTENSIONS directive that straight attachments are subject
to.  Am I correct in my conclusion that the .141 version does not
allow me to mangle filenames within .zip files?  I have only been
able to poison them thus far.  If so, is this something you would
consider in the future?

I would prefer to not treat an executable differently depending
on if it's in a .zip file.  We don't poison much here, we simply
defang (because we send so many legit executables around).

brian

