mime-whitelist
Syntax
mime-whitelist {
exception listname;
list listname {
exception listname;
}
}
Hierarchy Level
[edit security utm default-configuration] [edit security utm feature-profile anti-virus]
Description
Configure the antivirus scanner to use MIME bypass lists and exception lists. You can use your own custom object lists, or you can use the default list that ships with the device called junos-default-bypass-mime.
When you configure the MIME allowlist feature, be aware that, because header information in HTTP traffic can be spoofed, you cannot always trust HTTP headers to be legitimate. When a Web browser is determining the appropriate action for a given file type, it detects the file type without checking the MIME header contents. However, the MIME allowlist feature does refer to the MIME encoding in the HTTP header. For these reasons, it is possible in certain cases for a malicious website to provide an invalid HTTP header. For example, a network administrator might inadvertently add a malicious website to a MIME allowlist, and, because the site is in the allowlist, it will not be blocked by Sophos even though Sophos has identified the site as malicious in its database. Internal hosts would then be able to reach this site and could become infected.
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.5. Statement updated.
The [edit security utm default-configuration] hierarchy
level is introduced in Junos OS Release 18.2R1.