tar vs zip (security)

heleos · 2008-08-13 19:13:11

Today I got an e-mail from IT at work, stating that they are going to begin blocking .tar attachments, and allow .zip attachments. This made me wonder if there is a security problem with tar, or if the company is just afraid of anything linux

SiC · 2008-08-13 19:40:45

Hmmm... Did they give you reasons as to why they were going to block tar files?? The only fundamental difference between tar and zip is that zip is a natively compressed format, whereas tar is just a filesystem archive, much the same as .iso which is why they are usually compressed (.tar.gz or .tgz). They might as well start blocking .ace or .rar files.

arch0r · 2008-08-13 19:48:26

tar: used by bad *nix hax0rs aiming to damage windoze users

actually it makes no sense to me blocking tar files. they're whether encrypted nor cmpressed

SiC · 2008-08-13 19:59:02

arch0r wrote:

tar: used by bad *nix hax0rs aiming to damage windoze users
actually it makes no sense to me blocking tar files. they're whether encrypted nor cmpressed

Me either, unless they are operating a blanket block on all files other than those they have decided upon. But even then if they allow .doc or .xls files, then they are MASSIVELY open to security problems, so they can't use that excuse. It's probably typical BOFH behaviour where they are on a power trip.

heleos · 2008-08-13 20:08:53

There is a list of probably 40 blocked file extensions, but no problem with sending .doc and .xls files. Also, they encourage using VBA macros!

edit: the reason in the email was "blah blah blah, due to the number of new viruses, we're now blocking the following attachments: ..."

Last edited by heleos (2008-08-13 20:10:07)

SiC · 2008-08-13 20:14:18

Email them back and tell them Bollocks.

cactus · 2008-08-13 20:34:07

the *only* thing I could think of is maybe they have an inline AV scanner that doesn't support on the fly extraction/scanning of tar files, but does support it with zip files.
Other than that (slim chance), I would have no idea why they would block tar files.

Garns · 2008-08-13 21:25:03

cactus wrote:

the *only* thing I could think of is maybe they have an inline AV scanner that doesn't support on the fly extraction/scanning of tar files, but does support it with zip files.
Other than that (slim chance), I would have no idea why they would block tar files.

If that's the case, they should get a new scanner...

catwell · 2008-08-14 09:06:56

Maybe they mistook tar for rar? I think a lot of Windows viruses come in rar archives.

heleos · 2008-08-14 16:55:40

nope, .rar was also blocked

shining · 2008-08-14 18:28:50

What about tar.gz and tar.bz2 ?

Daenyth · 2008-08-14 18:38:53

You should see if sending a file with no extension works. just mv foo.tar foo; then send it in a mail. Save as foo.tar when it gets to the other side. Of course there's no huge reason to.

Mostly it sounds like the admins there are completely incompetant.

sokuban · 2008-08-16 08:15:32

cactus wrote:

the *only* thing I could think of is maybe they have an inline AV scanner that doesn't support on the fly extraction/scanning of tar files, but does support it with zip files.
Other than that (slim chance), I would have no idea why they would block tar files.

I sometimes use tar to send exe files to friends when either of our freemail services doesn't allow us to send exes. (Most freemail can scan zip files but not tar)

I don't think the chance is as slim as you believe.

heleos · 2008-08-16 13:40:54

well to get around the blocked zip files, we used to remove the zip extention and sent it.

Obi-Lan · 2008-08-16 14:01:12

Personally I don't like to send files via email, there are better protocols for it.

sokuban · 2008-08-16 14:51:07

What do you use then?

carlocci · 2008-08-16 18:22:19

heleos wrote:

Today I got an e-mail from IT at work, stating that they are going to begin blocking .tar attachments, and allow .zip attachments. This made me wonder if there is a security problem with tar, or if the company is just afraid of anything linux

Maybe you can natively open zip files in Windows XP and not tgz or rar?

.:B:. · 2008-08-16 21:02:36

Idiots at the IT department? Happens all the time I guess.

Of course as a 'workaround' you can rename your .tar{,.gz,.bz2} archives to .zip and get them through the firewall that way, it's not unprobable it only filters on extension, and does not check the header (like tar does when it tries to extract a tarball).

Obi-Lan · 2008-08-17 12:17:16

sokuban wrote:

What do you use then?

If the file is <10mb and I know that receiver don't know what ftp or http is I send it trough email. For our company internal file exchange I just use windows file shares. If the file is big I just put it on our http server.

Arch Linux

#1 2008-08-13 19:13:11

tar vs zip (security)

#2 2008-08-13 19:40:45

Re: tar vs zip (security)

#3 2008-08-13 19:48:26

Re: tar vs zip (security)

#4 2008-08-13 19:59:02

Re: tar vs zip (security)

#5 2008-08-13 20:08:53

Re: tar vs zip (security)

#6 2008-08-13 20:14:18

Re: tar vs zip (security)

#7 2008-08-13 20:34:07

Re: tar vs zip (security)

#8 2008-08-13 21:25:03

Re: tar vs zip (security)

#9 2008-08-14 09:06:56

Re: tar vs zip (security)

#10 2008-08-14 16:55:40

Re: tar vs zip (security)

#11 2008-08-14 18:28:50

Re: tar vs zip (security)

#12 2008-08-14 18:38:53

Re: tar vs zip (security)

#13 2008-08-16 08:15:32

Re: tar vs zip (security)

#14 2008-08-16 13:40:54

Re: tar vs zip (security)

#15 2008-08-16 14:01:12

Re: tar vs zip (security)

#16 2008-08-16 14:51:07

Re: tar vs zip (security)

#17 2008-08-16 18:22:19

Re: tar vs zip (security)

#18 2008-08-16 21:02:36

Re: tar vs zip (security)

#19 2008-08-17 12:17:16

Re: tar vs zip (security)

Board footer