MENU

StripIT

StripIT - APT Protection

StripIT® identifies macros and active code in OpenOffice and Microsoft Office documents and removes these sources of risk, allowing the modified document to be delivered to the intended recipients.

Document based macros and other active code have long been seen as a source of security risk.
There are few limits to what this embedded active code can do when run.

Typically, e-mailed/uploaded/download Office and PDF documents are scanned for virus content only, and if clear, are passed through. Anti-virus programs only look for known virus signatures. There is no reason for them to detect macros or other active code. Alternatively keyword searching may be used to identify the presence of active content and such documents might be quarantined.

New in 2014 is File StripIT - a command line utility version of StripIT - to enable use on files on your systems, and for building in to other applications.

section icon software development More Information:

  • What StripIT does

    StripIT® identifies macros and active code in OpenOffice (Writer, Calc, Impress) and Microsoft Office 2003, 2007 and 2010 documents (Word, Excel, PowerPoint) and optionally removes these sources of risk, allowing the modified document to be delivered to the intended recipients free of macros and active code.

    StripIT® identifies macros and active code in OpenOffice (Writer, Calc, Impress) and Microsoft Office 2003, 2007 and 2010 documents (Word, Excel, PowerPoint) and optionally removes these sources of risk, allowing the modified document to be delivered to the intended recipients free of macros and active code.

    StripIT® processes documents inside ZIP, 7Z, TAR, CAB, MIME & BZIP containers. Modified documents are returned to the archive container for delivery. StripIT® also reads RAR containers and writes another supported format if necessary.

    StripIT® identifies nominated file types and can strip them off messages before transmission. It also allows identification of Information Rights Management (IRM) access permissions and the presence of orphaned data structures in some documents.

  • How StripIT works

    StripIT® operates as an SMTP relay when operating stand-alone or as a content scanner when StripIT® is integrated with MIMEsweeper for SMTP.

    StripIT® operates as an SMTP relay when operating stand-alone or as a content scanner when StripIT® is integrated with MIMEsweeper for SMTP.

    StripIT® can process OpenOffice and Microsoft Office word processor, spreadsheet and presentation documents and can be configured to:

    • detect and report via an appropriate classification or
    • detect and clean, again reporting its action via an appropriate classification

    StripIT® detects:

    • Openoffice.org Basic, Javascript, BeanShell and Python scripting languages
    • Microsoft Office 97-2003, 2007-2010 Macros and Microsoft Office 2003 XML.

    Some Microsoft Office documents may contain orphaned data structures. This can occur as a result of using fast save, which adds new data to the end of a document, without removing old data. Although this data is not directly accessible, it can contain anything, and it may be possible for the recipient to reactivate it. StripIT®provides a way to remove these orphaned data structures.

    StripIT® identifies the presence of IRM access permissions in Microsoft Office documents.It allows these to be classified as "Not Checked" and quarantined by MIMEsweeper for SMTP. StripIT® uses file type signatures and file name masks to identify files to strip.