PDA

View Full Version : IPS: Block executable files embedeed in email attachments



rapapente
2012-05-25, 09:22
Dear all,

I ran a Pen testing, and received a trojan (executable) by email embedeed in an excel file. This was a self generated by a Pen Testing company, and therefore not know in the IPS trojan database.

As soon as the traojan was attached directly in the email no problem, but more touchy when embedded in an excel file, nothing was detected....Once launched the attachment, the Pen testing company was able to take control over the computer.

I would like to symply drop all attachments in emails which contains executable embedeed in it. How can I do that on CP ?

regards

Rapapente