Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual page 970

Network and Security Manager Administration Guide
POP3:EXT:DOT-OCX
POP3:EXT:DOT-PCD
POP3:EXT:DOT-PIF
POP3:EXT:DOT-REG
POP3:EXT:DOT-SCR
POP3:EXT:DOT-SCT
POP3:EXT:DOT-URL
POP3:EXT:DOT-VB
920
This signature detects e-mail attachments that have the
extension .ocx and were received via POP3. Because .OCXs
(Object Control Extension) files can contain multiple scripts,
this may indicate an incoming e-mail virus. Attackers may
create malicious executables, tricking users into executing
the file and infecting the system.
This signature detects e-mail attachments that have the
extension .pcd and were received via POP3. Because .PCDs
(Photo CD MS Compiled Script) files can contain scripts,
this may indicate an incoming e-mail virus. Attackers may
create malicious scripts, tricking users into executing the file
and infecting the system.
This signature detects e-mail attachments with the
extension '.pif' sent via POP3. This may indicate an incoming
e-mail virus. PIFs (Program Information Files) are standard
Microsoft Windows files that contain start up properties for
DOS applications. Attackers may hide malicious executables
within a PIF file, tricking users into executing the file and
infecting the system.
This signature detects e-mail attachments that have the
extension .reg and were received via POP3. Because .REGs
(Registry Entries) files contain entries for the Registry, this
may indicate an incoming e-mail virus. Attackers may create
malicious entries, tricking users into executing the file and
infecting the system.
This signature detects e-mail attachments with the
extension '.scr' sent via POP3. This may indicate an incoming
e-mail virus. SCRs (ScreenSaver files) are renamed '.exe'
files containing executable code. Attackers may disguise
malicious executables to appear as harmless screensaver
files, tricking the user into executing the file and infecting the
system.
This signature detects e-mail attachments with the
extension .sct received via POP3. This may indicate an
incoming e-mail virus. .SCTs (Windows Script Component)
contain scripts. Attackers may create malicious scripts,
tricking the user into executing the file and infecting the
system.
This signature detects e-mail attachments with the
extension .url received via POP3. This may indicate an
incoming e-mail virus. .URLs (Internet Shortcut) contain a
link to a web location. Attackers may create a malicious
shortcut, tricking the user into executing the file and send
the user to a malicious website.
This signature detects e-mail attachments with the
extension .vb received via POP3. This may indicate an
incoming e-mail virus. .VBs (VBScript File) contain scripts.
Attackers may create malicious scripts, tricking the user into
executing the file and infecting the system.
medium sos5.1.0
high sos5.1.0
high sos5.1.0
medium sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
high sos5.1.0
Copyright © 2010, Juniper Networks, Inc.