| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: dufresne at winternet.com (Ron DuFresne) Subject: AV "feature" does more DDoS than Sobig On Thu, 28 Aug 2003, Richard M. Smith wrote: > Ron, > > >>> else, you become part of the perpetual > >>> 'SPAM/viri-by-product" problem, wasting > >>> and consuming bandwidth > > Actually, it's important to get these false AV warning messages shut > off. One company that I contacted told me that they have already sent > out hundreds of thousands of false warning messages about Sobig.F. They > are now working to get this feature turned off. It looks like they are > running some sort homebrew software and not a commercial package. > While I agree with you in concept and theory, I can tell you by implimentation and experience, they will persist from most sites for the duration. Much as most the hacked/compromised systems that are the core of the problem, will also persist to be issues and core parts of the problem for a long long time. Example, the number of systems still infested with nimda/code-red that hit my logs years now, after the fact. Some after more then one notice and/or call to folks that handle the systems but, remain clueless. There isn't a lart large enough to dispense enough clues to go around. Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Powered by blists - more mailing lists