Search /
Docfinder:

RESEARCH CENTERS

Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile

SITE RESOURCES

Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings

TODAY'S NEWS

•	First iPhone worm spreads Rick Astley wallpaper
•	Four reasons to buy (and one reason to avoid) the Droid
•	Stimulus for tech and telecom $3B, but jobs still guesswork
•	Cisco MARS shuts out new third-party security devices
•	Verizon Droid buzz muted in Boston
•	Week in Google news: Google Dashboard, Droid fever, focus on e-commerce
•	Cloud computing, virtualization proponents getting antsy
•	Data center start-up offers energy saving software
•
•	Vendors scrambling to fix bug in Net's security
•	Judge dismisses lawsuit challenging Gartner's Magic Quadrant
•	Boston Celtics clamp down on spam
•	Cloud computing inevitable? Not so fast, educator says
•	Blue Coat slashes staff, buys S7 services company
•	Apple seeks new sheriff to lock up iPhones
•	More breaking news

Applications /

A way to defeat e-mail virus filtering

Sign up to receive this and other networking newsletters in your inbox.

By Michael Osterman
Network World Messaging Newsletter, 09/30/02

In mid-September, SecuriTeam issued a warning about a simple technique that could potentially defeat antivirus systems using nothing more than Microsoft Outlook Express.

SecuriTeam, a group within Israel's Beyond Security, provides information and tools to help deal with computer security threats. The group provides a wealth of useful information regarding security holes in various products and protocols, as well as advice on making systems more secure.

Outlook Express, Outlook 2000 (in Internet mode) and several other e-mail clients have a very useful and user-configurable feature that will split a large message into two or more smaller messages. This is done so that large messages can be sent more efficiently over low-speed connections, or so that large messages can bypass ISP-imposed message size limits. The segmentation of the message is transparent to the sender, as is the reassembly of the message by the recipient's client.

While this feature is potentially very useful, it does have a downside: If a message contains a virus, that virus might be able to slip through gateway-, server- or desktop-based virus scanners undetected. This is because the virus also is split up into smaller parts along with the message and so may not be recognized by the scanner. Once the message is reassembled on the client's computer it could then execute. This feature could also potentially be used to defeat other types of content-scanning systems, such as spam- or pornography-filtering systems.

Fortunately, many of the leading vendors of virus- and other content-filtering systems are aware of this problem and have developed various solutions. Included among these vendors are Symantec, Trend Micro and McAfee, although some vendors' solutions may require that users download a patch or update.

Information on this security threat is available at:

www.securiteam.com/securitynews/5YP0A0K8CM.html

RELATED LINKS

IBM, Microsoft shift battle lines
Network World, 09/30/02

Michael D. Osterman is the principal of Osterman Research, a market research firm that helps organizations understand the markets for messaging, directory and related products and services. He can be reached by clicking here.

Messaging archive
Past newsletters.

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!

New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE

Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.

Click Here

alt text

Click Here

HOME

RESEARCH CENTERS

NEWS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.