lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: Bart.Lansing at kohls.com (Bart.Lansing@...ls.com)
Subject: Backdoor not recognized by Kaspersky







No, what I would expect is that it has the smarts (and it does, we are
doing it here with Trend) to look inside the Zip and stop any zip
containing any .scr/.exe/.com/.you-name-executable files.  Check your Trend
(or whatever mail checker you are using) configs and set them
appropriately.  Double check to see that you have not granted your own
domain exemptions from your rules to eliminate the spoofed mail walking
through and waving at your gateway on the way by.  The zip's contents can
be seen without the password, just not unpacked...no cracking it required.
You should be blocking executables by policy anyway, yes?

Bart Lansing
Manager, Desktop Services
Kohl's IT

> Well, what would you expect, that the virusgateway would brute-forcecrack
the
> zip password ?  No.  It has only two options:
>
> A) Delete all password protected zipfiles regardless
>   or
> B) Let any and all password protected zipfiles through.

>
> Option A) is not really [usually] acceptable in the real world. (YMMV)
>
> Maarten
>
> --
> Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO
CARRIER
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


CONFIDENTIALITY NOTICE: 
This is a transmission from Kohl's Department Stores, Inc.
and may contain information which is confidential and proprietary.
If you are not the addressee, any disclosure, copying or distribution or use of the contents of this message is expressly prohibited.
If you have received this transmission in error, please destroy it and notify us immediately at 262-703-7000.

CAUTION:
Internet and e-mail communications are Kohl's property and Kohl's reserves the right to retrieve and read any message created, sent and received.  Kohl's reserves the right to monitor messages by authorized Kohl's Associates at any time
without any further consent.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ