Ilici Ramirez writes: > Hello, > > What ways do you know to pen-test email antivirus > software? I'd try to pack various combinations of different file-formats into each other (OLE-container). E.g., if they have disabled .exe to enter or leave the LAN, try sticking it into an Excel or PPT-file. It should not work, but that's what you're supposed to find out. ;-) Of course, with webmail-over-https this is 80% pointless nowadays... > A cool one that has been published before is to zip a > very large file that contains the same character. The > result, a very small file attached to an email could > deplete resources on the antivirus server. Do you know > any AV exploitable with this? It's called 42.zip and there has been a discussion about this once in a while. Search the archives. cheers, Rainer -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rainer Duffner Munich rainer@ultra-secure.de Germany http://www.i-duffner.de Freising ======================================== When shall we three meet again In thunder, lightning, or in rain? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri May 17 2002 - 11:09:46 PDT