[Dshield] new Netsky.b virus - quick analysis (incl. hexdump)

jayjwa jayjwa at atr2.ath.cx
Fri Feb 20 11:16:05 GMT 2004

On Wed, 18 Feb 2004, John Hardin wrote:

> > We desparately need *smart* and *fast* solutions for SMTP problems.
> > I've not seen a single useful solution that cannot be bypassed, and
> > at the same time will not render legitimate use of SMTP problematic,
> > if not totally impossible (the ultimate solution may not exist).
> Alas, the most likely cure for worms and spam is replacing the SMTP
> protocol...

The worm designers are taking the path of least resistance. Do away with
SMTP altogether today, and tomarrow it will be the next least-hardy,
readily available protocol. Years ago, email wasn't big- viruses spread by
way of infecting exe's and com's and boot sectors. Now the boot virus is
almost extinct. So it will go with SMTP.
I personal don't see what's so hard about not executing attachments sent
to you thru the mail.

%jayjwa%  RLF#37    "Gnu for ALL. SCO Never."
PGP Key-Fetch: B628B851
   Jung xvaqn jnpxb qrpbqrf ebg13 sebz fvtf ?

More information about the list mailing list