ietf

RE: SOAP/XML Protocol and filtering, etc.

2001-05-08 13:30:01
Yo Mike!

On Tue, 8 May 2001, Mike Fisk wrote:

> For example, if you have a policy that blocks ActiveX and a firewall that
> filters that MIME type, I can always mis-label my ActiveX as a GIF or text
> and send it.  But then only a colluding recipient would execute it as
> ActiveX.  However, if the receiver doesn't use the MIME type, but handles
> the content based on something else like filename suffix, then filtering
> on MIME types is pointless.

Not true.  Many of the recent Windows exploits have depended on the fact
that M$ often executes a downloaded file depending on file magic instead
of the MIME type or file extension.  They fool the firewall and virus
scanner into thinking a malicious file is one that is non-executable, then
M$ goes and executes it.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701
        gem(_at_)rellim(_dot_)com  Tel:+1(541)382-8588 Fax: +1(541)382-8676
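
The gap discussed in this message (a filter trusting one type signal while the receiver acts on another) can be closed at the filter by classifying the MIME label, the filename suffix and the file magic together and taking the most restrictive reading. This is an added example, not code from either poster; the lookup tables, class names and the `check_attachment` helper are illustrative assumptions.

```python
import os

# Well-known leading-byte signatures mapped to a coarse content class.
MAGIC = [
    (b"MZ", "executable"),             # DOS/Windows PE
    (b"\x7fELF", "executable"),        # ELF
    (b"GIF87a", "image"),
    (b"GIF89a", "image"),
    (b"\x89PNG\r\n\x1a\n", "image"),
    (b"\xff\xd8\xff", "image"),        # JPEG
    (b"%PDF-", "document"),
]
# Illustrative subsets, not complete tables.
MIME_CLASS = {
    "image/gif": "image", "image/png": "image", "image/jpeg": "image",
    "text/plain": "text", "application/pdf": "document",
    "application/x-msdownload": "executable",
}
EXT_CLASS = {
    ".gif": "image", ".png": "image", ".jpg": "image", ".txt": "text",
    ".pdf": "document", ".exe": "executable", ".com": "executable",
    ".scr": "executable", ".pif": "executable",
}

def classify_magic(data):
    for sig, cls in MAGIC:
        if data.startswith(sig):
            return cls
    return "unknown"

def classify_mime(content_type):
    # Drop parameters such as "; name=..." and normalise case.
    return MIME_CLASS.get(content_type.split(";")[0].strip().lower(), "unknown")

def classify_ext(filename):
    # Only the final suffix counts, so "photo.gif.exe" is ".exe".
    return EXT_CLASS.get(os.path.splitext(filename.strip().lower())[1], "unknown")

def check_attachment(content_type, filename, data):
    signals = {"mime": classify_mime(content_type),
               "ext": classify_ext(filename),
               "magic": classify_magic(data)}
    known = {c for c in signals.values() if c != "unknown"}
    if "executable" in known:
        verdict = "block"      # some receiver could run it, whatever the label says
    elif len(known) > 1:
        verdict = "mismatch"   # signals disagree: hold for review
    else:
        verdict = "allow"
    return verdict, signals
```
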