Double the trojans, half the worms

Should you use Dansguardian to block the download of unauthorized attachments, like .zip, .exe, .msi and so on (which a trojan will attempt to download in order to update itself) you should be safe from these type of attacks.

Can anybody confirm this? I'm pretty sure it will help a lot, especially should you get somebody like Stef Murky who opens every single attachment...
 
Alot of the software you download is zip or exe files anyway.
 
This configuration file from Dansguardian will give you an idea as to what files gets blocked and which not...

Code:
#Banned extension list

# File extensions with executable code 

# The following file extensions can contain executable code.
# This means they can potentially carry a virus to infect your computer.

.ade  # Microsoft Access project extension
.adp  # Microsoft Access project
.asx  # Windows Media Audio / Video
.bas  # Microsoft Visual Basic class module
.bat  # Batch file
.cab  # Windows setup file
.chm  # Compiled HTML Help file
.cmd  # Microsoft Windows NT Command script
.com  # Microsoft MS-DOS program
.cpl  # Control Panel extension
.crt  # Security certificate 
.dll  # Windows system file
.exe  # Program
.hlp  # Help file
.ini  # Windows system file
.hta  # HTML program
.inf  # Setup Information
.ins  # Internet Naming Service
.isp  # Internet Communication settings
.js   # JScript file - often needed in web pages
.jse  # Jscript Encoded Script file - often needed in web pages
.lnk  # Windows Shortcut
.mda  # Microsoft Access add-in program 
.mdb  # Microsoft Access program
.mde  # Microsoft Access MDE database
.mdt  # Microsoft Access workgroup information 
.mdw  # Microsoft Access workgroup information 
.mdz  # Microsoft Access wizard program 
.msc  # Microsoft Common Console document
.msi  # Microsoft Windows Installer package
.msp  # Microsoft Windows Installer patch
.mst  # Microsoft Visual Test source files
.pcd  # Photo CD image, Microsoft Visual compiled script
.pif  # Shortcut to MS-DOS program
.prf  # Microsoft Outlook profile settings
.reg  # Windows registry entries
.scf  # Windows Explorer command
.scr  # Screen saver
.sct  # Windows Script Component
.sh   # Shell script
.shs  # Shell Scrap object
.shb  # Shell Scrap object
.sys  # Windows system file
.url  # Internet shortcut
.vb   # VBScript file
.vbe  # VBScript Encoded script file
.vbs  # VBScript file
.vxd  # Windows system file
.wsc  # Windows Script Component
.wsf  # Windows Script file
.wsh  # Windows Script Host Settings file
.wmf  # Windows Metafile - new exploit
.otf  # Font file - can be used to instant reboot 2k and xp
.ops  # Office XP settings 



# Files which one normally things as non-executable but
# can contain harmful macros and viruses

.doc  # Word document
.xls  # Excel document


# Other files which may contain files with executable code

#.gz   # Gziped file
#.tar  # Tape ARchive file
#.zip  # Windows compressed file
#.tgz  # Unix compressed file
#.bz2  # Unix compressed file
.cdr  # Mac disk image
.dmg  # Mac disk image
.smi  # Mac self mounting disk image
.sit  # Mac compressed file
.sea  # Mac compressed file, self extracting
.bin  # Mac binary compressed file
.hqx  # Mac binhex encoded file
#.rar  # Similar to zip


# Time/bandwidth wasting files

.mp3  # Music file
.mpeg # Movie file
.mpg  # Movie file
.avi  # Movie file
.asf  # this can also exploit a security hole allowing virus infection
#.iso  # CD ISO image
.ogg  # Music file
.wmf  # Movie file
.bin # CD ISO image
.cue # CD ISO image

I have unblocked ISO images as I tend to download these a lot.

Also, the option where I add "allowed sites" to the list, will mark said site as "safe" where the above does not apply. Great for allowing access to banking sites which uses Javascript, and blocking access to pr0n sites... :)

Regards

TU
 
Last edited:
Top
Sign up to the MyBroadband newsletter
X