[AccessD] OT: Zip files (was Logic issue)

Jim Lawrence accessd at shaw.ca
Thu Aug 25 19:21:53 CDT 2005


For that matter neither have I. I have indirectly heard it stated that there
have been virus hidden in a ZIP file but have never seem one up close. Here
is an article on the subject but whether it is just more fear mongering or
just a diversion for more blatant user errors is open for debate:
http://www.computerworld.com/securitytopics/security/virus/story/0,10801,898
97,00.html

Jim   

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Heenan, Lambert
Sent: Thursday, August 25, 2005 12:01 PM
To: 'Access Developers discussion and problem solving'
Subject: RE: [AccessD] OT: Zip files (was Logic issue)

Interesting.

I *think* I understand what you mean by "The compression algorithm of the
ZIP alters that signature stream.": i.e. if you just scan the bytes that
make up the zip file you will not see the signature. But my organization
runs scanning s/w that unzips the zip file to check the contents, and it
does this at a fairly deep level. For example, .exe files are blocked, and
Zip files are not. But if you try to send a Zip file that contains an EXE
file, that will be blocked. In addition, if you rename the EXE before adding
it to the ZIP file it will *still* get blocked because the scanning s/w
looks at the (renamed) EXE file and sees its signature first few bytes and
detects the EXE that way.

I confess I have not heard of any code being executed as a result of
unzipping a ZIP file (with the exception of unzip tools like Winzip which
will detect a setup.exe or a .msi file and will offer to run the install
routine).

Lambert

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Jim Lawrence
Sent: Thursday, August 25, 2005 1:26 PM
To: 'Access Developers discussion and problem solving'
Subject: RE: [AccessD] OT: Zip files (was Logic issue)


Hi Lambert:

In theory virus can be hidden within a ZIP file and virus scanning programs
can not see them as a signature stream of values are required for virus
identification. The compression algorithm of the ZIP alters that signature
stream. Also some tricky code within a so called ZIP file can activate in
the process of unzipping the ZIP file.

But that can always be got around by simply sending your ZIP file named like
MYZipFile.ZIP.txt. When on one contract this technique was used by the local
IT people to slip ZIP files through the filters and then the first dot and
extension were removed. The ZIP files were then unzipped in isolation and
tested before being introduced on LAN
 
A little paranoid? You bet but at one government office, a couple of years
ago, a BlasterWorm got in through a similar method and the result was that a
couple of Ministries were down off and on for the better part of a month.
Put a price tag on that incident.

My two cents worth
Jim

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Heenan, Lambert
Sent: Thursday, August 25, 2005 8:58 AM
To: 'Access Developers discussion and problem solving'
Subject: RE: [AccessD] OT: Zip files (was Logic issue)

IMHO it's caused by IT people who are too paranoid by far. They invest
thousands on virus scanning software, keep updating the sig files every 24
hours, but in the end they don't trust it to weed out the viruses coming at
them via ZIP files. Rather than scanning the contents of ZIP files they
blindly block them. Also, don't the realize that most (All?) antivirus
programs can be set to scan files when they are opened and or written to
disk? So even if a zip file does have a virus, the anti-virus package should
kill it.

Lambert

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Charlotte Foust
Sent: Thursday, August 25, 2005 11:21 AM
To: Access Developers discussion and problem solving
Subject: RE: [AccessD] OT: Zip files (was Logic issue)


Does anyone know what the logic is for blocking zip files?  I run into this
occasionally and it drives me nuts!  You zip files to avoid the filters that
won't accept an mdb, etc., and then you run into filters that won't accept
the zip files.  Oops, Catch-22.  That drumming you hear is my head pounding
against the wall ....

Charlotte Foust


-----Original Message-----
From: John Clark [mailto:John.Clark at niagaracounty.com] 
Sent: Thursday, August 25, 2005 5:08 AM
To: accessd at databaseadvisors.com
Subject: RE: [AccessD] Logic issue


Yes Frank, I always like to checkout someone's ideas...I learn so much more
than any book can teach. My address is john.clark at niagaracounty.com


If this is a zip file, change the extention to something like .zp, because
we block .zip files.

John W. Clark
Computer Programmer
Niagara County
Central Data Processing

>>> frank at fhsservices.co.uk 8/24/2005 5:21 PM >>>
Here's a different solution!
If you have a checkbox for each title or position that can be applicable to
each person represented through the database then, on the client form of any
of people the list the checkboxes will indicate positives for the applicable
option. So, Jack Jones can have the boxes ticked for Defence attorney,
prosecuting attorney, Judge etc. etc. The final checkbox (no 9 on my sample)
can be set to "Other" and have an associated textbox in the table which will
only be displayed it no 9 is ticked and the text will be entered into the
open, blank textbox for storage and later retrieval. The trick here is to
combine the bit value of each checkbox to obtain a unique value for the
combination of boxes ticked. I have a small database of the principle as a
working example which I can forward to anybody who would like to see it. The
AccessD list is limited to a 30K unit size and will not allow me to attach
the sample to this text

Kind regards,
 
Frank Hill

Kind regards,
 
Frank Hill

 

-----Original Message-----
From: accessd-bounces at databaseadvisors.com 
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of John Clark
Sent: 24 August 2005 18:36
To: accessd at databaseadvisors.com 
Subject: [AccessD] Logic issue

Hi all

I am having trouble working out how I want to go about something, and I am
hoping somebody here can give me a nudge. It doesn't sound difficult, but
I'm running into dead-ends. I am starting to think that I will just have to
go ahead and finish up with "whatever" and work around things.

I am doing a project for a district attorney's office, and it will basically
just keep tabs on everybody that passes through the system. The problem is
though that there are "Defendants", defense lawyers, prosecuting lawyers,
judges, and victims, and it isn't rare for a single person to cross into
multiple lists. And, theoretically, it is possible to be in all lists. For
instance there are many prosecuting lawyers that become defense attorneys,
and it is not unlikely that one of these attorneys could be a judge in the
future. That scenario is very possible, and you can add it that a lawyer is
very able to be a victim, and hell, we all know they can be criminals ;)
Another scenario that happens very frequently, is that a person is both a
defendant and a victim. 

I don't want the person entering data to scroll through hundreds, and
eventually thousands, of names to pick an attorney's name from among the
list of everybody else in the system.

The idea I am working on presently is to add logical fields for each
designation to the table of names. For instances:

kNameID
txtLastName
txtFirstName
txtMI
txtSuffix
logAttorney
logADA
logJudge
logVictim
logDefendant

If I do this, I will have removed some fields that are currently there, such
as:

txtAddress1
txtAddress2
txtCity
txtSt
txtZip
txtPhone

And, I will put these in another linked table. There may be a need to have
multiple addresses for the defendants, so this would be best I think.

The problem that I am foreseeing here...I'm not at that point, so my fears
could be unfounded...is setting these fields to true and/or false, as
needed.  Basically, thinking of victims for a minute here, the defendant
screen, which will actually be an "Indictment" screen, will have a subform
to hold potentially many victims for the indictment. If a victim IS already
in the system as something else, I will need to tag that name as a victim
and I'm wondering if this will present difficulties.

Well, I hope I am being clear enough. If anyone out there has any tips for
me, I would greatly appreciate it if you would pass them along.

Thank you!

John W Clark
-- 
AccessD mailing list
AccessD at databaseadvisors.com 
http://databaseadvisors.com/mailman/listinfo/accessd 
Website: http://www.databaseadvisors.com 

-- 
AccessD mailing list
AccessD at databaseadvisors.com 
http://databaseadvisors.com/mailman/listinfo/accessd 
Website: http://www.databaseadvisors.com
-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com
-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com
-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com
-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com




More information about the AccessD mailing list