Wellllll best... but not impossible to do it at the firewall; you can do string matching in iptables (Linux). You might need a powerful computer and fast NICs tho otherwise performance might be a bit bad! ;) > -----Original Message----- > From: full-disclosure-adminat_private > [mailto:full-disclosure-adminat_private] On Behalf Of > Vladimir Parkhaev > Sent: Friday, 29 August 2003 3:17 a.m. > To: William Warren > Cc: Fabio Gomes de Souza; bugtraqat_private; > full-disclosureat_private > Subject: Re: [Full-Disclosure] AV "feature" does more DDoS than Sobig > > > Quoting William Warren (hescominsoonat_private): > > this is the very reason i block all executables at my > firewall...plus it > > reduces the load on my workstations from having to scan all that > > garbage..<G> > > firewall? the best place to block IMHO will be on mail gateways > ( you can bounce it with a nice message like 'atttachements of this > type are not welcome here' ).... > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Thu Aug 28 2003 - 13:34:49 PDT