[Dshield] new Netsky.b virus - quick analysis (incl. hexdump)

John Holmblad jholmblad at aol.com
Fri Feb 20 16:24:54 GMT 2004


the problem  is that, as it relates to malware, the word "executing" 
covers a broad space that includes not just .exe files (in the case of  
Microsoft OS's) but many other file extensions as well. A user may think 
they are simply rendering a file to their display for veiwing when in 
fact they are causing either directly or via embedded macros, the 
execution of  malware infected software. I have always believed that the 
file extention hiding feature in Microsoft Windows Explorer  was a 
really BAD idea whose badness has only come to be recognized as the 
malware threat has grown because now there is a global population of 
"average" users that don't even necessarily know what  a file extension 
is and what is its purpose. In other words, the IT community (in this 
case led by Microsoft) has put "ease of use" a notch above security to 
everyone's detriment in terms of security.

Best Regards,


John Holmblad


Televerage International


(H) 703 620 0672

(M) 703 407 2278

(F) 703 620 5388


www page:                      www.vtext.com/users/jholmblad

primary email address: jholmblad at aol.com

backup email address:  jholmblad at verizon.net


text email address:         jholmblad at vtext.com

More information about the list mailing list