Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Apple tops the $100B+ tech club
How to get the IRS' attention: Forge nearly $8 million in tax returns, steal identities
Microsoft details Windows 8 for ARM devices
Blogger exposes major Google Wallet security flaw
Web app lets enterprise set security, sharing for Google Apps users
Cloudscaling to offer OpenStack private cloud platform
Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
Mobile World Congress sneak peek: Quad-core smartphones, Ice Cream Sandwich & more
Microsoft details 'Windows on ARM' program
March debut of 'iPad 3' a sure bet, says analyst
Resume Makeover: How an Information Security Professional Can Target CSO Jobs
FBI unbolts Steve Jobs 1991 investigation file
Cisco boosted profit, sales in Q2 while cutting costs
Macs take on the enterprise
/

A way to defeat e-mail virus filtering

Related linksToday's breaking news
Send to a friendFeedback

Sign up to receive this and other networking newsletters in your inbox.

By Michael Osterman
Network World Messaging Newsletter, 09/30/02

In mid-September, SecuriTeam issued a warning about a simple technique that could potentially defeat antivirus systems using nothing more than Microsoft Outlook Express.

SecuriTeam, a group within Israel's Beyond Security, provides information and tools to help deal with computer security threats. The group provides a wealth of useful information regarding security holes in various products and protocols, as well as advice on making systems more secure.

Outlook Express, Outlook 2000 (in Internet mode) and several other e-mail clients have a very useful and user-configurable feature that will split a large message into two or more smaller messages. This is done so that large messages can be sent more efficiently over low-speed connections, or so that large messages can bypass ISP-imposed message size limits. The segmentation of the message is transparent to the sender, as is the reassembly of the message by the recipient's client.

While this feature is potentially very useful, it does have a downside: If a message contains a virus, that virus might be able to slip through gateway-, server- or desktop-based virus scanners undetected. This is because the virus also is split up into smaller parts along with the message and so may not be recognized by the scanner. Once the message is reassembled on the client's computer it could then execute. This feature could also potentially be used to defeat other types of content-scanning systems, such as spam- or pornography-filtering systems.

Fortunately, many of the leading vendors of virus- and other content-filtering systems are aware of this problem and have developed various solutions. Included among these vendors are Symantec, Trend Micro and McAfee, although some vendors' solutions may require that users download a patch or update.

Information on this security threat is available at:

www.securiteam.com/securitynews/5YP0A0K8CM.html

RELATED LINKS

IBM, Microsoft shift battle lines
Network World, 09/30/02

Michael D. Osterman is the principal of Osterman Research, a market research firm that helps organizations understand the markets for messaging, directory and related products and services. He can be reached by clicking here.

Messaging archive
Past newsletters.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.