Re: Detecting empty office doc containing virus macro

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Wed, October 28, 2015 6:55 am, Gary Stainburn wrote:
> We are receiving LOTS of emails that contain empty XLS or DOC documents
> with
> embedded virus macros.  These are getting past SPAMASSASSIN, Clamav and
> Kaspersky.

Just a word of advise to everybody: stay away from Kaspersky (unless you
want to submit to KGB). Do your own homework (web search, etc) and keep in
mind what everybody says: there is no retirement from secret services
(KGB, CIA, MI5, NSA, ...) other than dead, feet first dead.

I guess I see everywhere the confirmation of the saddest history lesson
that people never learn history lessons ;-(

Valeri

>
> I'm trying to write a filter for EXIM to block these emails but I need to
> know
> a good, quick, command-line to detect an empty doc with a macro.
>
> Is there anything available that I can use??
>
> I have managed to write a PERL script to detect empty xls xlsx, doc and
> docx
> files but I cannot detect whether they have any macros embedded
>
> Gary
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux