TWiki Home TWiki . Protector . AnnounceVersion1006 ( vs. r1.1) TWiki webs:
Know?| Main | Protector | TWiki |
Protector . { Home | Changes | Index | Search | Go }
 <<O>>  Difference Topic AnnounceVersion1006 (r1.1 - 18 Jul 2002 - ChrisLowth)
Added:
>
>

%META:TOPICINFO{author="chris.lowth" date="1026996000" format="1.0" version="1.1"}%

Protector 1.00.6 Annnouncement - July 18, 2002

Update 6 of protector 1.00 has been released for RedHat GNU-Linux versions 6.0, 6.1, 6.2, 7.0, 7.1, 7.2 and 7.3 systems, and as an "beta" testing release for Sun Solaris.

This update of the protector software ..

  • Corrects the "bad filename" testing logic for mails in which attachment names are encoded in the Content-Disposition header only.

Version 1.01 is also now available as a development beta release, for testing and documentation. This reworked protector release handles MS office and other document formats more intellegently - including the checking of embedded objects but is currently still under development..

For information and download of both versions, visit: http://protector.sourceforge.net/

Protector checks incoming e-mail messages for attachments that could contain viruses, worms etc - and replaces the offending attachments with standard warning messages before being passed to "procmail" for local delivery. The original "dangerous" attachment is saved in a directory that only the root user can access.

Protector is NOT a virus scanner in the traditional sense: It does NOT scan attachments for virus signatures, but blocks attachments that could contain viruses. So *.exe, *.vba etc attachments don't get through. This means that you don't have to keep protector up to date to stay protected against the growing tide of new viruses and worms.

Protector does not work by blocking listed types, but by blocking ALL BUT the listed types. For details of the attachment types "allowed through", please refer to the web site.

The logic employed by protector to determine the file types contained in attachments is based on a modified version of the "file" command, and a number of type-specific validation programs - it does not rely on the actual name of the file, or the "content-type" declared in the attachment header. It also looks inside ZIP, TAR and other archive formats, and checks the files contained in them.

Some types of files are allowed through only under certain conditions. The main example being that MS Word documents are blocked if they contain ANY macros, but allowed through otherwise.

It isn't perfect yet, but it's a start. Assistance in developing the checking logic for new file types is invited.

Chris


Topic AnnounceVersion1006 . { View | Diffs | r1.1 | More }
Revision -
Revision r1.1 - 18 Jul 2002 - 12:40 GMT - ChrisLowth 		Copyright © 2001 by the contributing authors. All material on this collaboration tool is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback.