Base64 virus detector could be built in antiviral software

[Wim Hamhuis]

When the coding method is "Base64" then it should be easy to detect if
newsgroup and e-mail messages contain virusses.

When detected, the program should change "Base64" into "invalid due to viral
Base64" and the virus can be removed before it damages the system.

as a result it can't be executed anymore, but if the e-mail or
newsgroupmessage contains noninfected Base64 code, it can be used with no
harm done.

With friendly greetings,
Wim Hamhuis

The Netherlands

 

[Jason Spashett]

When the coding method is "Base64" then it should be easy to detect if
newsgroup and e-mail messages contain virusses.

When detected, the program should change "Base64" into "invalid due to viral
Base64" and the virus can be removed before it damages the system.

as a result it can't be executed anymore, but if the e-mail or
newsgroupmessage contains noninfected Base64 code, it can be used with no
harm done.

With friendly greetings,
Wim Hamhuis

The Netherlands

Hmm yes. Is that not obvious? And do some anti-viruses programs not do
something similar? What about 'UU' encoding, have you a similar scheme for
that? Ofcourse UU encoded bodies can appear in non MIME streams. That is,
intermingled with the rfc822 message bodies that contain no mime
information.

 

[Wim Hamhuis]

Hmm yes. Is that not obvious? And do some anti-viruses programs not do
something similar? What about 'UU' encoding, have you a similar scheme for
that? Ofcourse UU encoded bodies can appear in non MIME streams. That is,
intermingled with the rfc822 message bodies that contain no mime
information.

Ofcourse, they just have to scan the strings of the message "UU encoding"
should be mentioned with a special parameter in the message to intercept it
before it becomes executed if neccasary. If infection is found, the message
will be made unharmfull and warning will be given.

then it will allso stop the spread in newsgroups.

with friendly greetings,
Wim Hamhuis