|
||||||||
Demonstrate how much this decision will impact their firewall performance by sending a simple zip file. When I used to test network-based AV mail scanners, the easiest way to bring the scanner to its knees was to create a text file that contained a single character (x for example) duplicated a few million times. That's a quick perl/python/shell script to build that. Zip that text file up. It will compress to a little tiny zip file. Essentially the zip file is a description of # and x. Attach this zip file to an email and send it through the AV scanner. Watch the AV scanner choke while it spends CPU cycles to open and examine a text file full of one character. By buying into a low end UTM (Unified Threat Model), they have opened themselves to a basic denial of service attack. -- =Wayne |