Previous Page | Next Page

  1. Introduction
  2. Your Needs
  3. What to Protect
  4. Security Policies
  5. Security Policy Requirements
  6. Incident Procedures
  7. Security Categories
  8. Software Vulnerability Control
  9. Hostile Software
  10. Network Layout
  11. Traffic Filtering
  12. Mail
  13. Firewall Protection
  14. Network Intrusion Detection
  15. Network Port Scanning
  16. Network Tools
  17. Passwords
  18. Types of Attacks
  19. Protocol Use
  20. Entry Points
  21. Cost
  22. Application Level Protection
  23. System Protection
  24. User Issues
  25. Other Recommendations
  26. Terms
  27. Credits

Mail and Security

Many attempts to intrude on organizational networks are made either through the organization's email server or through sending mail directly to users of the network. There are several steps which should be taken to reduce the chance of penetration success in this area.

  • Block many dangerous email attachments on your mail server or at your firewall. Many attachment types may contain code that can be run on workstations or servers and create a method for an outsider to gain control of that machine. If an executable attachment is sent to one of your users and they double click on the attachment, it is likely that the code will run and the attack will succeed. The only defense in this case is your antivirus software on the machine. However consider the possibility that the virus program may not recognize the attachment as hostile code either because it was not detected yet or because a hacker specifically wrote the code to penetrate your network. We block the following attachments because they either can point to dangerous code, are dangerous code or can contain dangerous code:

    1. *ade - Microsoft Access project extension can contain executable code.
    2. *adp - Microsoft Access project can contain executable code.
    3. *app - Microsoft FoxPro application is executable code.
    4. *asp - Active server pages
    5. *asx -
    6. bas - Basic program source code is executable code.
    7. bat - Batch file which can call executable code.
    8. *chm - Compiled HTML help file can contain executable code.
    9. cmd - Windows NT command script file is executable code.
    10. com - Command file program is executable code.
    11. cpl - Control panel extension
    12. *crt
    13. *csh
    14. -dll - Dynamic link library is executable code. Could be placed on your system then run by the system later.
    15. exe - Binary executable program is executable code.
    16. *fxp - Microsoft FoxPro is executable code.
    17. *hlp - Help file
    18. *hta - HTML program
    19. *inf - Setup information
    20. *ins - Internet naming service
    21. *isp - Internet communication settings
    22. js - JavaScript file
    23. jse - JavaScript encoded file
    24. *ksh - Unix shell file
    25. *lnk - Link file
    26. *mda - Microsoft Access add-in program
    27. *mdb - Microsoft Access program
    28. *mde - Microsoft Access MDE database
    29. *mdt - Microsoft Access file
    30. *mdw - Microsoft Access file
    31. *mdz - Microsoft Access wizard program
    32. *msc - Microsoft Common Console document
    33. msi - Microsoft windows installer package
    34. *msp - Windows Installer patch
    35. mst - Visual Test source files
    36. *ops - FoxPro file
    37. pcd - "Photo CD image or Microsoft Visual Test compiled script"
    38. pif - "Shortcut to MS-DOS program"
    39. *prf - "Microsoft Outlook Profile Settings"
    40. *prg - "FoxPro program source file"
    41. reg - Registry files
    42. *scf - "Windows Explorer Command file"
    43. scr - Screen saver
    44. sct - Windows® script component
    45. *shb - Document shortcut
    46. *shs - Shell scrap object
    47. *url - Internet address
    48. vb - Visual Basic file
    49. vbe - Visual Basic encoded script file
    50. vbs - Visual Basic file
    51. *vsd
    52. *vss
    53. *vst
    54. *vsw
    55. wsc - Windows script component
    56. wsf - Windows script file
    57. wsh - Windows script host settings file
    58. xsl - XML file may contain executable code

Microsoft Outlook blocks these above attachments by default in Outlook 2003 as noted at Attachment File Types Restricted by Outlook 2003.