Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1 Administration Manual page 971

SMTP:EXT:DOT-INS
SMTP:EXT:DOT-ISP
SMTP:EXT:DOT-JS
SMTP:EXT:DOT-JSE
SMTP:EXT:DOT-LNK
SMTP:EXT:DOT-MDB
SMTP:EXT:DOT-MDE
SMTP:EXT:DOT-MSC
Copyright © 2010, Juniper Networks, Inc.
This signature detects e-mail attachments that have the
extension .ins and were sent via SMTP. Because .INSs
(Internet Naming Service) files contain configuration
parameters, this may indicate an incoming e-mail virus.
Attackers may include malicious configurations, tricking
users into executing the file and infecting the system.
This signature detects e-mail attachments that have the
extension .isp and were sent via SMTP. Because .ISPs
(Internet Communication Settings) files contain
configuration parameters, this may indicate an incoming
e-mail virus. Attackers may include malicious configurations,
tricking users into executing the file and infecting the system.
This signature detects e-mail attachments that have the
extension .js and were sent via SMTP. Because .JSs
(JavaScript File) files contain scripts, this may indicate an
incoming e-mail virus. Attackers may create malicious
scripts, tricking users into executing the file and infecting the
system.
This signature detects e-mail attachments that have the
extension .jse and were sent via SMTP. Because .JSEs
(JavaScript Encoded) files contain scripts, this may indicate
an incoming e-mail virus. Attackers may create malicious
scripts, tricking users into executing the file and infecting the
system.
This signature detects e-mail attachments that have the
extension .lnk and were sent via SMTP. Because .LNKs
(Windows link) files can point to any program, this may
indicate an incoming e-mail virus. Attackers may create a
link pointing to a dangerous program, tricking users into
executing the link and affecting the system.
This signature detects e-mail attachments that have the
extension .mdb and were sent via SMTP. Because .MDBs
(MS Access Application) files can contain scripts, this may
indicate an incoming e-mail virus. Attackers may create
malicious scripts, tricking users into executing the file and
infecting the system.
This signature detects e-mail attachments that have the
extension .mde and were sent via SMTP. Because .MDEs
(Microsoft Access MDE database) files can contain scripts
and macros, this may indicate an incoming e-mail virus.
Attackers may create malicious scripts, tricking users into
executing the file and infecting the system.
This signature detects e-mail attachments that have the
extension .msc and were sent via SMTP. Because .MSCs (
Microsoft Common Console Document) files can contain
configuration information, this may indicate an incoming
e-mail virus. Attackers may change the configuration to point
to a dangerous command, tricking users into executing the
files and infecting the system.
Appendix E: Log Entries
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
medium sos5.1.0
low sos5.1.0
medium sos5.1.0
medium sos5.1.0
921