Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual page 956

Network and Security Manager Administration Guide
SMTP:EXT:DOT-MSI
SMTP:EXT:DOT-MSP
SMTP:EXT:DOT-OCX
SMTP:EXT:DOT-PCD
SMTP:EXT:DOT-PIF
SMTP:EXT:DOT-REG
SMTP:EXT:DOT-SCR
SMTP:EXT:DOT-SCT
906
This signature detects e-mail attachments with the
extension .msi sent via SMTP. This may indicate an incoming
e-mail virus. .MSIs (Microsoft Windows Installer Package)
contain executable code. Attackers may create malicious
executables, tricking the user into executing the file and
infecting the system.
This signature detects e-mail attachments with the
extension .msp sent via SMTP. This may indicate an incoming
e-mail virus. .MSPs (Microsoft Windows Installer Patch)
contain executable code. Attackers may create malicious
executables, tricking the user into executing the file and
infecting the system.
This signature detects e-mail attachments that have the
extension .ocx and were sent via SMTP. Because .OCXs
(Object Control Extension) files can contain multiple scripts,
this may indicate an incoming e-mail virus. Attackers may
create malicious executables, tricking users into executing
the file and infecting the system.
This signature detects e-mail attachments that have the
extension .pcd and were sent via SMTP. Because .PCDs
(Photo CD MS Compiled Script) files can contain scripts,
this may indicate an incoming e-mail virus. Attackers may
create malicious scripts, tricking users into executing the file
and infecting the system.
This signature detects e-mail attachments with the
extension '.pif' sent via SMTP. This may indicate an incoming
e-mail virus. PIFs (Program Information Files) are standard
Microsoft Windows files that contain start up properties for
DOS applications. Attackers may hide malicious executables
within a PIF file, tricking users into executing the file and
infecting the system.
This signature detects e-mail attachments that have the
extension .reg and were sent via SMTP. Because .REGs
(Registry Entries) files contain entries for the Registry, this
may indicate an incoming e-mail virus. Attackers may create
malicious entries, tricking users into executing the file and
infecting the system.
This signature detects e-mail attachments with the
extension '.scr' sent via SMTP. This may indicate an incoming
e-mail virus. SCRs (ScreenSaver files) are renamed '.exe'
files containing executable code. Attackers may disguise
malicious executables to appear as harmless screensaver
files, tricking the user into executing the file and infecting the
system.
This signature detects e-mail attachments with the
extension .sct sent via SMTP. This may indicate an incoming
e-mail virus. .SCTs (Windows Script Component) contain
scripts. Attackers may create malicious scripts, tricking the
user into executing the file and infecting the system.
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
Copyright © 2010, Juniper Networks, Inc.