[Dshield] new Netsky.b virus - quick analysis (incl. hexdump)

John Holmblad jholmblad at aol.com
Fri Feb 20 16:24:54 GMT 2004


Jayawa,

the problem  is that, as it relates to malware, the word "executing" 
covers a broad space that includes not just .exe files (in the case of  
Microsoft OS's) but many other file extensions as well. A user may think 
they are simply rendering a file to their display for veiwing when in 
fact they are causing either directly or via embedded macros, the 
execution of  malware infected software. I have always believed that the 
file extention hiding feature in Microsoft Windows Explorer  was a 
really BAD idea whose badness has only come to be recognized as the 
malware threat has grown because now there is a global population of 
"average" users that don't even necessarily know what  a file extension 
is and what is its purpose. In other words, the IT community (in this 
case led by Microsoft) has put "ease of use" a notch above security to 
everyone's detriment in terms of security.
-- 

Best Regards,

 

John Holmblad

 

Televerage International

 

(H) 703 620 0672

(M) 703 407 2278

(F) 703 620 5388

 

www page:                      www.vtext.com/users/jholmblad

primary email address: jholmblad at aol.com

backup email address:  jholmblad at verizon.net

 

text email address:         jholmblad at vtext.com




More information about the list mailing list