Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual page 943

POP3:EXT:DOT-JS
POP3:EXT:DOT-JSE
POP3:EXT:DOT-LNK
POP3:EXT:DOT-MDB
POP3:EXT:DOT-MDE
POP3:EXT:DOT-MSC
POP3:EXT:DOT-MSI
POP3:EXT:DOT-MSP
Copyright © 2010, Juniper Networks, Inc.
This signature detects e-mail attachments that have the
extension .ss and were received via POP3. Because .JSs
(JavaScript File) files contain scripts, this may indicate an
incoming e-mail virus. Attackers may create malicious
scripts, tricking users into executing the file and infecting the
system.
This signature detects e-mail attachments that have the
extension .jse and were received via POP3. Because .JSEs
(JavaScript Encoded) files contain scripts, this may indicate
an incoming e-mail virus. Attackers may create malicious
scripts, tricking users into executing the file and infecting the
system.
This signature detects e-mail attachments that have the
extension .lnk and were received via POP3. Because .LNKs
(Windows link) files can point to any program, this may
indicate an incoming e-mail virus. Attackers may create a
link pointing to a dangerous program, tricking users into
executing the link and affecting the system.
This signature detects e-mail attachments that have the
extension .mdb and were received via POP3. Because .MDBs
(MS Access Application) files can contain scripts, this may
indicate an incoming e-mail virus. Attackers may create
malicious scripts, tricking users into executing the file and
infecting the system.
This signature detects e-mail attachments that have the
extension .mde and were received via POP3. Because .MDEs
(Microsoft Access MDE database) files can contain scripts
and macros, this may indicate an incoming e-mail virus.
Attackers may create malicious scripts, tricking users into
executing the file and infecting the system.
This signature detects e-mail attachments that have the
extension .msc and were received via POP3.
This signature detects e-mail attachments with the
extension .msi received via POP3. This may indicate an
incoming e-mail virus. .MSIs (Microsoft Windows Installer
Package) contain executable code. Attackers may create
malicious executables, tricking the user into executing the
file and infecting the system.
This signature detects e-mail attachments with the
extension .msp received via POP3. This may indicate an
incoming e-mail virus. .MSPs (Microsoft Windows Installer
Patch) contain executable code. Attackers may create
malicious executables, tricking the user into executing the
file and infecting the system.
Appendix E: Log Entries
high sos5.1.0
high sos5.1.0
medium sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
medium sos5.1.0
893