Solved

double Extension prevention

Posted on 2013-11-11
7
33 Views
Last Modified: 2016-07-10
Is there a way to prevent someone from executing a double file extension received in an e-mail or other source?

Ex: .pdf.exe
0
Comment
Question by:larrydrude
  • 3
7 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39639134
Don't we all wish that were true... If you're using outlook as a client it blocks exe's, but not zips, which the users extract and then run :) You can however try to prevent this with more outlook or exchange filters http://support.microsoft.com/kb/837388
you can also search inside compressed attachments:
http://technet.microsoft.com/en-us/library/ff714963.aspx
http://technet.microsoft.com/en-us/library/ff714983.aspx 

Microsoft assumes the file ext starts at the right, moves left until the first dot... that's all, you can't make it understand ".tar.gz" is one file ext. It sees the .gz and that is all.
-rich
0
 
LVL 14

Expert Comment

by:Giovanni Heward
ID: 39639328
Wouldn't it be great to have the e-mail client (and attachments) run in an isolated security container, separate from your primary OS?  When a malicious process is executed it would only affect that virtual space.  This environment could easily be reverted to a clean state using snapshots.  Another approach to this would be running your email client (and attachments) in the cloud, whereas the cloud based OS has similar snapshot/revert capabilities.

There are products available that do just this, such as Invincea or spoon.net

BTW, you can show file name extensions to achieve some higher degree of visibility.  

To show file name extensions in Windows Explorer, follow these steps:

For Windows Vista, Windows 7, and Windows Server 2008
    Start Windows Explorer, you can do this by opening up any folder.
    Click Organize.
    Click Folder and search options.
    Click the View tab.
    Scroll down until you notice Hide extensions for known file types, un-check this line by clicking the check box.
    Note To hide file name extensions, check this line.
    Click OK

For Windows 2000, Windows XP, and Windows Server 2003
    Start Windows Explorer, you can do this by opening up any folder.
    Click Tools, and then click Folder Options.
    Scroll down and then click Folder and search options.
    Click the View tab.
    Scroll down until you notice Hide extensions for known file types, un-check this line by clicking the check box.

    Note To hide file name extensions, check this line.
    Click OK
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39643117
That would be an option any antivirus-e-mail-plugin should offer.
0
 
LVL 53

Accepted Solution

by:
McKnife earned 500 total points
ID: 39877833
Why no feedback? I meant it: AV software does offer that, for example McAfee offered it in mail scanning components 10 years ago already.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 41702008
At least https:#a39877833 is a possible solution since this option will exist in most e-mail scanners and it does what he is looking for.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you having trouble connecting or getting your iPhone / Samsung device(s) to sync with Microsoft Exchange Server?   What have you tried?   What haven't you tried?
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now