[Dshield] vunerability windows

Pete Cap peteoutside at yahoo.com
Fri Feb 6 17:19:03 GMT 2004


It really is shocking that so many people propagate this kind of thing by opening AND EXECUTING random attachments they get in the mail.
 
I wonder if it's the same people every time...
 
I wonder if you were to walk up to them on the street and offer them an unknown pill and say "Hey, you don't know me, but eat this" if they would... :)
 
As far as minimizing the window between virus seeding and "vaccination"...it has to be captured and reverse-engineered first.  MyDoom specifically avoided antivirus vendors.  Perhaps some specialized training in finding malware would be of use to the IT community...?  Maybe administrators could be trained to track down and capture new viruses quicker.
 
Regards,
 
Pete
 

Erwin Van de Velde <erwin.vandevelde at ua.ac.be> wrote:
Hi,

On Friday 06 February 2004 13:25, Andy Streule wrote:

> I was wondering what peoples ideas were on how to mimise the windows.
>
> The other day I wondered why anti-virus vendors arent getting into mail
> clients. Or microsoft needs to be getting into antivirus a lot faster. It
> would seem logical to me that for the home user market, the time has come
> for anti-virus software to be integrated with mail clients and for some
> mechanism to exist to quarantine attachments for say 12 hours, to ensure
> updates are most likely avaliable for any new virus.

I can't tell for other AV software, but NAV integrates with outlook express 
sufficiently for me: it checks in and outgoing e-mail.
Quarantine doesn't seem that good to me, as I don't always want to wait for my 
new and exciting mail attachments :-)
For instance, if I'm working in a team on a project, and we want to mail 
eachother files (word documents for instance, or programs or ...)
If I allways have to wait 12 hours, it would decrease my performance 
dramatically :-)

>
> Also auto-update should be on by default and sufficiently hidden so the
> average n00b cant turn it off. ;-)
I fully agree with this.

Further, the only way to contain viruses more rapidly is, in my opinion, an 
upgrade of the users, rather than of the software. It still amazes me that so 
many people keep opening suspicious attachments. 
But then.... there is no easy way to program brains - yet ;-)

Greetings,
Erwin Van de Velde
Student of University of Antwerp
Belgium

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

---------------------------------
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online


More information about the list mailing list