| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: lists at venom600.org (Ben Nelson) Subject: Is the FBI using email Web bugs? Poof wrote: > Actually- the problem with that is that fine... it won't allow any ports > except for the needed 25/110/143... Then what's to stop an image from using > http://www.spamsite.com:25/110/phonehome.jpg?emailaddress(or whatever) > > ... Nothing! > > Nice try though... Best protection is through your email client. O2K3 does > it native ^^ > I realize that, my point was that blocking more is better than blocking less. Whenever you can block everything and allow only the needed traffic, you'll be better off. Removing as many possible 'phone home vectors' as possible certainly can't hurt and is good security policy in general. --Ben > ~ > > >>-----Original Message----- >>From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure- >>admin@...ts.netsys.com] On Behalf Of Ben Nelson >>Sent: Wednesday, January 07, 2004 7:34 PM >>To: Gregh >>Cc: full-disclosure@...ts.netsys.com >>Subject: Re: [Full-Disclosure] Is the FBI using email Web bugs? >> >>Gregh wrote: >> >>>wont listen. In Zone Alarm you can tell it to DISALLOW Outlook Express >> >>(or >> >>>whatever you like) access to different ports. So, I tell it to disallow >>>access to or from port 80 by OE. Thus, a received HTML email with pics >> >>and >> >>>such in it just shows blanks, "x" or placeholders, really. Now, while >> >>saying >> >>>this, if you decided to use some other port to report back on, sure, you >>>would get around this but the majority of spam operators who spam you >> >>don't >> >>>require JUST the "click to remove" to be clicked to verify you DO exist >> >>thus >> >>>send more spam and sell the address to another spammer. They also have >> >>port >> >>>80 and if the email is clicked on by a typical OE setup, just to delete, >> >>it >> >>>"phones home". For those described earlier in this paragraph, ZA >> >>blocking OE >> >>>in/out on port 80 stops most of the phone home stuff. >> >>Couldn't you just block all port access from OE *EXCEPT* those that are >>needed? (probably 25, 110, 143) >> >>--Ben >> >>_______________________________________________ >>Full-Disclosure - We believe in it. >>Charter: http://lists.netsys.com/full-disclosure-charter.html > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists