Forwarded from: Russell Coker <russell@private> On Thu, 12 Feb 2004 23:44, InfoSec News <isn@private> wrote: > Forwarded from: Cuadros Alvaro <acuadros@private> > > I woudn't consider that as a serious problem, Zipping ( Commpressing > ) a file has its limits you can not compress beyond what the > compression algorithms allow you to. Just try to zip or rar a file > 20 times , the result is going to be the same at the end than the > one you had in the third round. It is a serious problem. Files comprised of only zeros compress really well. The compression ratio is determined by the block size for run length compression and the size of the encoded blocks. A quick test with gzip (which AFAIK implements similar algorithms to zip) compressed 100M of zeros to just under 100K (better than 1024:1 compression). For business email 5M-10M attachments are common, such attachments would permit 5G or 10G of compressed data. Many virus scanners don't have 10G of disk space free. Also most virus scanners are configured to scan messages in parallel, so if 50 messages with 10G of compressed data were sent through at the same time it will probably stop any anti-virus system. I also did a test of bzip2 compression, it compressed 100M of zeros to 120 bytes... -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Feb 13 2004 - 10:09:11 PST