lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <09ef01c40167$deca0fa0$5b00005a@moregarlic.com>
From: larry at larryseltzer.com (Larry Seltzer)
Subject: Backdoor not recognized by Kaspersky

>>I feel the need to address the problem from an ISP perspective, since the corporate
and government and other institutional persective seems to give different answers. And
because the ISP end user problem is still the majority of the reservoir for viruses (and
spam proxy/relay/trojans).

I really feel for you guys. As I've argued in another thread, I think SMTP
authentication will likely cut this stuff down to a trickle compared to the current
volume. As an ISP, how big a problem would you have with that. An even better question:
Would you have a problem implementing SPF, Caller ID and Domain Keys (i.e. all 3)? It
gets to the same issue of changing practices for your users: at some point you have to
either bounce or segregate mail that doesn't authenticate. 



Powered by blists - more mailing lists