homepage Welcome to WebmasterWorld Guest from 54.211.157.103
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
Zip Files Are They Safe?
Zip Files Are They Safe?
roothead




msg:361684
 7:34 pm on Jun 9, 2005 (gmt 0)

I've been sent a zip file to my hotmail account but it couldnt be scan as it was password protected. It was resent to my yahoo and seems fine.

My question is this can i down load without opening the file and scan it. Is this safe?

It is a piece of software i requested and i don't want to download a trojan.

Are they safe to download without opening or will it open on its own?
And can i scan it to make sure i t has no trojans?

I need the software so any help would be great. Also notice that the file size change from 1.06mb first send to 1.0mb second send to yahoo. Probably normal.

Thanxs in advance

 

visca




msg:361685
 7:46 pm on Jun 9, 2005 (gmt 0)

Software like Symantec Antivirus 2004 will scan inside ZIP files without you having to decompress them. It's virus scanning is good; and I believe its trojan horse scanning is acceptable; but it certainly won't scan for attached spyware or programs that are built completely with a malicious intent. You will need to download the ZIP file in order to perform a local virus scan on it.

To my knowledge, ZIP files are relatively safe to download to your computer, won't 'open themselves'. The problems only really begin if you decompress the ZIP file.

A lot of this is really about how confident you feel about the software's origin. If you grabbed it off CNET for example, your chances of there being a problem would be significantly less than downloading it from BobsHaKz.BIZ ;)

kaled




msg:361686
 11:53 am on Jun 10, 2005 (gmt 0)

Using a tool such as Winzip to unpack a zip archive is perfectly safe even if the contents are dubious.

Having unpacked the the zip archive, the contents can be scanned for nasties and deleted if required.

Kaled.

Romeo




msg:361687
 12:41 pm on Jun 10, 2005 (gmt 0)

Yes, trying to carefully inspect the ZIP file to see what is inside is OK.

However, there is another less technical but more social approach:
(1) Do you know the sender? If not: delete, don't care what surprise may be inside, just delete.
(2) If it is a known sender - it may be a fake (there are viruses and worms propagating by hijacking friends' address books) - do you expect a ZIP file from her/him? If not: delete.
(3) Otherwise ask back "Did you sent me some ZIPped file today? What's inside?". If you get a reply like "Huh? What are you talking about ...?": delete.

I normally just do this 'social' way of content judging and usually I am successfully finished with 90% of all spam cr*p after 0.1 seconds with just option (1), and with additional 9% after another 0.1 seconds with option (2).
This is much faster that to open an 'unzip' or 'winzip', or even scanning, before discarding that cr*p anyway.
The remaining 1% takes a bit longer, but also my step (3) actions I had so far finally ended in deletions.

WFM but YMMV.

Regards,
R.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved