Dangerous File Attachments
列印
-
Email, MailScanner, File Attachments
- 1
The following is a list of file attachments that may be blocked by the service (the attachments are removed from emails before delivery to you and placed in a quarantine area for 30 days should you wish to receive them):
These are known to be dangerous in almost all cases:
| .reg |
Possible Windows registry attack |
| .chm |
Possible compiled Help file-based virus |
| .cnf |
Possible SpeedDial attack |
| .hta |
Possible Microsoft HTML archive attack |
| .ins |
Possible Microsoft Internet Comm. Settings attack |
| .jse_ |
Possible Microsoft JScript attack |
| .lnk |
Possible Eudora *.lnk security hole attack |
| .ma_ |
Possible Microsoft Access Shortcut attack |
| .pif |
Possible MS-Dos program shortcut attack |
| .scf |
Possible Windows Explorer Command attack |
| .sct |
Possible Microsoft Windows Script Component attack |
| .shb |
Possible document shortcut attack |
| .shs |
Possible Shell Scrap Object attack |
| .vbe or .vbs |
Possible Microsoft Visual Basic script attack |
| .wsc .wsf .wsh |
Possible Microsoft Windows Script Host attack |
| .xnk |
Possible Microsoft Exchange Shortcut attack |
These 2 added by popular demand - Very often used by viruses:
| .com |
Windows/DOS Executable |
| .exe |
Windows/DOS Executable |
These are very dangerous and have been used to hide viruses:
| .scr |
Possible virus hidden in a screensaver |
| .bat |
Possible malicious batch file script |
| .cmd |
Possible malicious batch file script |
| .cpl |
Possible malicious control panel item |
| .mhtml |
Possible Eudora meta-refresh attack |
Deny filenames ending with CLSID's
| {[a-hA-H0-9-]{25,}\} |
Filename trying to hide its real extension |
Examples:
- A977FF0C-8757-4E76-8533-482F91946233
- 000209FF-0000-0000-C000-000000000046
Deny filenames with lots of contiguous white space in them:
- Filename contains lots of white space
- Deny all other double file extensions. This catches any hidden filenames:
Examples:
- .txt.pif
- .doc.pif
- .doc.com
- .txt.exe
這篇文章有幫助嗎?
