[CentOS] Detecting empty office doc containing virus macro

Valeri Galtsev galtsev at kicp.uchicago.edu
Wed Oct 28 14:51:28 UTC 2015


On Wed, October 28, 2015 6:55 am, Gary Stainburn wrote:
> We are receiving LOTS of emails that contain empty XLS or DOC documents with
> embedded virus macros.  These are getting past SPAMASSASSIN, Clamav and
> Kaspersky.

Just a word of advice to everybody: stay away from Kaspersky (unless you
want to submit to KGB). Do your own homework (web search, etc) and keep in
mind what everybody says: there is no retirement from secret services
(KGB, CIA, MI5, NSA, ...) other than dead, feet first dead.

I guess I see everywhere the confirmation of the saddest history lesson
that people never learn history lessons ;-(

Valeri

>
> I'm trying to write a filter for EXIM to block these emails but I need to know
> a good, quick, command-line to detect an empty doc with a macro.
>
> Is there anything available that I can use??
>
> I have managed to write a PERL script to detect empty xls, xlsx, doc and docx
> files but I cannot detect whether they have any macros embedded
>
> Gary


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
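
An added example, not code from this thread or from either poster: one way to flag the macro half of the quoted question from the command line, using only the Python standard library. It assumes that an OOXML file carries macros in a part named `vbaProject.bin` and that an OLE2 file (.doc/.xls) with a VBA project contains a directory entry named `_VBA_PROJECT`; the OLE2 check is a byte-search heuristic, and the function name and sample inputs are constructed for illustration.

```python
import io
import sys
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # OLE2 compound file (.doc, .xls)
# OLE2 directory entry names are stored as UTF-16LE; a VBA project
# always includes a stream called "_VBA_PROJECT".
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")


def has_macro(data: bytes) -> bool:
    """Return True if the attachment bytes appear to carry a VBA project."""
    if data.startswith(OLE_MAGIC):
        # Heuristic byte search, not a full compound-file parse.
        return VBA_STREAM in data
    if data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                # Macro part lives at word/vbaProject.bin or xl/vbaProject.bin.
                return any(name.lower().endswith("vbaproject.bin")
                           for name in zf.namelist())
        except zipfile.BadZipFile:
            return False  # "PK" prefix but not a readable archive
    return False


def _zip(names):
    """Build a constructed in-memory ZIP holding the given member names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"x")
    return buf.getvalue()


# Constructed sample inputs (not real documents).
SAMPLES = {
    "macro.docm": _zip(["[Content_Types].xml", "word/document.xml", "word/vbaProject.bin"]),
    "plain.docx": _zip(["[Content_Types].xml", "word/document.xml"]),
    "macro.xls": OLE_MAGIC + b"\x00" * 504 + VBA_STREAM + b"\x00" * 64,
    "plain.doc": OLE_MAGIC + b"\x00" * 504 + "WordDocument".encode("utf-16-le"),
}

if __name__ == "__main__":
    # Usage: script.py FILE...  Exit status 1 if any file is flagged.
    flagged = False
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            hit = has_macro(fh.read())
        print(f"{path}: {'MACRO' if hit else 'no macro found'}")
        flagged = flagged or hit
    sys.exit(1 if flagged else 0)
```

The check looks at file content rather than the extension, so a macro-bearing file renamed to `.doc` or `.docx` is still flagged.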


