lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200403060145.i261jXFV005512@smtp.washington.edu>
From: cdevoney at u.washington.edu (Chris DeVoney)
Subject: [inbox] Re: Re: E-Mail viruses 

On Friday, March 05, 2004 12:20 PM, Curt Purdy wrote:

> Methinks you misunderstand.  Only the proprietary extension, 
> i.e. .inc or .xyz or .whatever, would be allowed through, and 
> since virus writers would never use this extension, it would 
> eliminate ALL viruses at the gateway.
> The nice thing about this approach is that it completely 
> eliminates the need for any anti-virus on the mail server 
> since all virus attachments are automatically dropped without 
> the need for scanning.  Quite a simple, yet elegant solution, 
> if I do say so myself.

And (I think this paraphrases a collective thought) happens when the virus
writers start sending attachments using that "magic" extension and include a
social-engineered message in the e-mail to rename this thing to a .exe and
execute it.?


cdv

------------------------
Chris DeVoney
Clinical Research Center Informatics
University of Washington
cdevoney@...ashington.edu
206-598-6816 
------------------------


Powered by blists - more mailing lists