Wellllll best... but not impossible to do it at the firewall; you can do string matching in iptables (Linux). You might need a powerful computer and fast NICs tho otherwise performance might be a bit bad! ;)
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Vladimir Parkhaev > Sent: Friday, 29 August 2003 3:17 a.m. > To: William Warren > Cc: Fabio Gomes de Souza; [EMAIL PROTECTED]; > [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] AV "feature" does more DDoS than Sobig > > > Quoting William Warren ([EMAIL PROTECTED]): > > this is the very reason i block all executables at my > firewall...plus it > > reduces the load on my workstations from having to scan all that > > garbage..<G> > > firewall? the best place to block IMHO will be on mail gateways > ( you can bounce it with a nice message like 'atttachements of this > type are not welcome here' ).... > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html