| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: viruses being sent to this list On Tue, 23 Mar 2004 02:11:13 +0200, Gadi Evron <ge@...tistical.reprehensible.net> said: > We can go into an endless discussion on liability. As FD is being used > to spread malware, repeatedly, and filtering that malware is a matter of > responsibility.. My mail server racked up 377,545 viruses recognized last week alone: Breakdown: 158476 NETSKY.C (41.98%) 55024 NETSKY.D (14.57%) 38905 BAGLE-ZIP ( 10.3%) 24640 NETSKY.O ( 6.53%) 21338 NETSKY.B ( 5.65%) 16452 BAGLE.K ( 4.36%) 13908 BAGLE.J ( 3.68%) 12349 NETSKY.J ( 3.27%) 8047 DUMARU.K ( 2.13%) 5512 MYDOOM.A ( 1.46%) I don't think that FD is the problem here. The problem is that the average computer is basically designed for web surfing and virus propagation. > One would think the FD managers would do something about this. > > This is not about the infected user, the VX'ers, or the ISP's. It's *all* about the infected user, the A/V companies, and the ISPs. Let's look at the archives of the list, postings from you this month: http://lists.netsys.com/pipermail/full-disclosure/2004-March/018957.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/018992.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/018996.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/018998.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/019092.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/019104.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/019110.html So which of those is a virus with your name forged on it? Oh, there aren't any? (Looking at the archives for the entire month, I'm not seeing *any* from *anybody* - am I missing some? Where are the "repeated" malware distributions?) Looks to me like you want FD to take action about mail that's not even passing through its servers - and that's the sort of dangerous precedent that make things like Echelon and Omnivore unpopular. If you can't deal with the fact that subscribing to this list may expose you to the occasional malware or other small-arms fire, I suggest you do something productive about it: Each posting to the list has a RFC2369 header: List-unsubscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request@...ts.netsys.com?subject=unsubscribe> Use it. There's plenty of other, more heavily moderated, mailing lists out there. If you can't deal with the fact that worms are doing address scraping to forge the From: line, you may wish to consider whether a career in computer security is really your calling. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040322/bf5407f7/attachment.bin
Powered by blists - more mailing lists