Why email attachments are still dangerous

It's been nearly three years since I first wrote about scanning viruses at the gateway using signature-based virus scanning systems in response to Gartner's prediction of the death of signature-based virus scanning systems. Gartner declared the death of signature-based virus scanning systems back in August 2001, but that was about as accurate as any of their other predictions. The exact same thing was (and still is) said about signature-based IDS (Intrusion Detection Systems) dying because of "behavior" based IDS systems, but that's nonsense since the two techniques complement each other.

Although signature-based virus scanning on SMTP gateways is showing some signs of age -- viruses are sneakier now with techniques like password-protected zip files -- it is still the bread and butter of any organization's anti-virus defense system and it is still your best shot at defending against a virus outbreak. No sane e-mail administrator would be caught dead without it. I really thought e-mail attachment viruses would be old news by now since the ability to scan viruses at the perimeter has been with us since the end of the last millennium, but it seems that some organizations never learn -- and the latest Bagle outbreak proves it. One of my e-mail providers, Netzero, finally got around to implementing gateway anti-virus this year -- better late than never, I suppose. Still, the number of unprotected e-mail domains that remain is shocking.

Unfortunately, too many IT geeks believe that users shouldn't be so gullible and should learn to defend themselves. This is exactly what spammers count on to accumulate their hordes of zombies that are ready to launch spam or DoS (Denial of Service) attacks at their command, because there will always be a percentage of users who are completely helpless. If your organization or ISP doesn't scan for viruses at the gateway, it's time to demand change now.

About

George Ou, a former ZDNet blogger, is an IT consultant specializing in Servers, Microsoft, Cisco, Switches, Routers, Firewalls, IDS, VPN, Wireless LAN, Security, and IT infrastructure and architecture.
