Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • Interesting, so that'll be why I receieved this message this morning from a client:
    Please note that due to action taken by our IT colleagues, we will be unable to receive .zip attachements today (26/06/03). I apologise for any inconvenience.

    What kind of crappy software doesn't look inside container files for viruses. Even the abominable mailsweeper, which I thoroughly despise , handles this.

    -Dom

    • One of my clients is a big company. They have a even crappier mailscanner which silently deletes attachments it doesn't like. On the other hand it's perfectly fine with exe files inside zip files though, or exe files renamed to zip files!

      Somebody needs to invent some way of sending files too people without having to resort to email. It is way to low tech and inneficient.
      • I kind of know why they might wish to do this actually. There was a zip file floating around somewhere which expanded vastly in size, and contained more copies of itself. It was only about a hundred Kb. :-)

        -Dom

      • ...perhaps the web?
        --

        ------------------------------
        You are what you think.
        • I couldn't either, but I could find it on my harddisk, so I put it here [ccl4.org]. Beware - it expands to 5 levels of zip files, ultimately containing 1048576 copies of a 4294967295 byte file named 0.dll. Don't try downloading it if you think you may be behind a web proxy that attempts to scan passing traffic.

    • What kind of crappy software doesn't look inside container files for viruses.

      The kind that isn't written in Perl and can't use Archive::Zip, Archive::Tar, etc to interrogate the contents, perhaps? I'm not exactly sure how the MessageLabs [messagelabs.com] product does it, but to date it has stopped every unknown virus in the wild that it's come across, including the attempts to hide inside multi-zipped files or the latest 3 level extensions.

      Its pretty cool to be considered one of the top anti-virus companies in the world

    • What kind of crappy software doesn't look inside container files for viruses. Even the abominable mailsweeper, which I thoroughly despise , handles this.

      More likely is that their AV vendor hadn't released updates to catch the virus by this point. And given that the vendors couldn't agree on what was the definitive list of .zip files that were likely to contain the virus, blocking all .zips isn't too bad an idea, at least until you're sure that the AV software is sufficiently up to date.

      N