lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0308281350310.4058-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: AV "feature" does more DDoS than Sobig

On Thu, 28 Aug 2003, Richard M. Smith wrote:

> Ron,
>
>    >>> else, you become part of the perpetual
>    >>> 'SPAM/viri-by-product" problem, wasting
>    >>> and consuming bandwidth
>
> Actually, it's important to get these false AV warning messages shut
> off.  One company that I contacted told me that they have already sent
> out hundreds of thousands of false warning messages about Sobig.F.  They
> are now working to get this feature turned off.  It looks like they are
> running some sort homebrew software and not a commercial package.
>

While I agree with you in concept and theory, I can tell you by
implimentation and experience, they will persist from most sites for the
duration.  Much as most the hacked/compromised systems that are the core
of the problem, will also persist to be issues and core parts of the
problem for a long long time.  Example, the number of systems still
infested with nimda/code-red that hit my logs years now, after the fact.
Some after more then one notice  and/or call to folks that handle the
systems but, remain clueless.  There isn't a lart large enough to dispense
enough clues to go around.

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ