[Dshield] vunerability windows

Andy Streule andy.streule at lythamhigh.lancs.sch.uk
Mon Feb 9 10:32:10 GMT 2004


that thing that i read somewhere that aol was testing. erm. like an
extension to smtp.
that supposed to check where email is from before accepting it.  Seems like
that would put a spanner in the
workings of a lot of viruses.

one of these days, i expect to see a virus that not only leeches everyones
bandwidth but steals computer power. 
like distributed processing. mmmmmm. 1 million pcs parallel processing. 
although i cant think of a good reason why criminals or spammers for that
matter would want/need that much processing power. It sounds like a good
plot for a movie. "Mad scientist solves the secrets of the ???? b4 goverment
with his 1 million parrallel processing pcs assembled using a worm virus"

infact a movie about identity theft thru computer infection would probably
be a good way of getting the message across seeing as nothing else seems to
be working.

~Andy

-----Original Message-----
From: Erwin Van de Velde [mailto:erwin.vandevelde at ua.ac.be]
Sent: 06 February 2004 18:20
To: General DShield Discussion List
Subject: Re: [Dshield] vunerability windows


On Friday 06 February 2004 18:00, Chuck Lewis wrote:
> Erwin,
>
> I agree with what you say, but that last paragraph, will true, gets
harder.
> These more recent virus offerings have gotten very good at masking
> themselves to normal users. If these users are used to getting emails from
> workers or friends that contain attachments, when a virus reads ones
> address list and fires these off, it is, unfortunately, more challenging
> for these users. That is, as had been stated, this stuff needs to be
> trapped at the email server and never even get to our users :-)
>

Blocking at the server is all very nice of course, but it gets a lot harder 
when the virus resides in compressed files like ZIPs. You can't block all 
compressed files at the server, as there can be legitimate ones too...

Why not sign attachments? If this would be possible (later possibly even 
required) in Outlook (Express) and other mail clients, like now already 
default in kmail possible, this could do the trick when eventually all 
unsigned mails with attachments could be dropped on the server.
Of course the user needs to memorize yet another password, as we can't allow

him to save it in his favorite mail client :-)
In the beginning, there could be a lot of complaining by the 'normal' users,

but in the end, it would make things a lot easier for all of us...

And signing could stop phishing attempts too...

Greetings,
Erwin Van de Velde
Student of Univeristy of Antwerp,
Belgium

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

***************************************************************************
This e-mail is confidential and privileged.  If you are not the intended
recipient do not disclose, copy or distribute information in this e-mail
or take any action in reliance on its content.
***************************************************************************

***************************************************************************
This email has been checked for known viruses. 
***************************************************************************




More information about the list mailing list