Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.security > #6155

Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?

From Shubo <Shubo@galbo.io>
Newsgroups linux.debian.security
Subject Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
Date 2022-06-20 18:50 +0200
Message-ID <EAsL7-65og-3@gated-at.bofh.it> (permalink)
References <Ez5GV-5gRU-9@gated-at.bofh.it> <EzCCR-5ADf-1@gated-at.bofh.it> <EAsi5-65eZ-11@gated-at.bofh.it>
Organization linux.* mail to news gateway

Show all headers | View raw

I feel like ClamAV would be the cheapest and easiest solution for 
handling png and jpgs, But like Sebastian said it does depend on use 
case. There are multiple av scanners/solutions but many are paid 
services, I've been using clam av for my email setup and it feel like 
it's been sufficient. You would need to enable png/jpeg extensions for 
ClamAV if that would be your plan and some sort of sandboxed environment 
for clamav/imagemagick iirc.


P.S I've just subscribed to this list, so please excuse me if i repeated 
any information as I can't see this whole email thread.


  Shubo

On 6/20/2022 12:10 PM, Sebastian Rose wrote:
> Davide Prina <Davide.Prina@null.net> writes:
>> Corey H wrote:
>>
>>> how do you guys test all of the potential PNG/JPG potential malware payloads
> What's your use-case? As I'm not aware of an vector for GNU/Linux in
> normal everyday use¹, I guess you host files for Windows clients?
>
> Did anyone mention ClamAV already? If so, please ignore me (sorry for
> not following closely...).
>
>
>   - Sebastian
>
>
> ¹ One can execute every file on GNU/Linux. But the attack is that
> execution of a file, not the file (otherwise we'd have to consider `rm',
> `gpg', `scp', and many more malware, too).
>
>

Back to linux.debian.security | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

How do you guys handle PNG/JPG binary files with potential payloads  for all the image viewers? Corey H <user9de1d@gmail.com> - 2022-06-17 00:00 +0200
  Re: How do you guys handle PNG/JPG binary files with potential  payloads for all the image viewers? Davide Prina <Davide.Prina@null.net> - 2022-06-18 11:10 +0200
    Re: How do you guys handle PNG/JPG binary files with potential  payloads for all the image viewers? Sebastian Rose <sebastian_rose@gmx.de> - 2022-06-20 18:20 +0200
      Re: How do you guys handle PNG/JPG binary files with potential  payloads for all the image viewers? Noah Meyerhans <noahm@debian.org> - 2022-06-20 18:30 +0200
      Re: How do you guys handle PNG/JPG binary files with potential  payloads for all the image viewers? Noah Meyerhans <noahm@debian.org> - 2022-06-20 18:30 +0200
      Re: How do you guys handle PNG/JPG binary files with potential  payloads for all the image viewers? Shubo <Shubo@galbo.io> - 2022-06-20 18:50 +0200
      Re: How do you guys handle PNG/JPG binary files with potential  payloads for all the image viewers? Corey H <user9de1d@gmail.com> - 2022-06-21 04:30 +0200
  Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers? Samtinel <samtinel_lists@moewe.org> - 2022-06-18 14:00 +0200

csiph-web