lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: tcleary2 at csc.com.au (tcleary2@....com.au)
Subject: viruses being sent to this list

John Sage said:

>What does this tell us? Virii are getting out via the list; whether
>they are being transmitted inadvertently or deliberately is still open
>to question...

.....and on that very topic, I'm getting bounces where the headers seem 
valid, containing old posts of mine to FD from the mailer-daemons of very 
reputable sources, containing virus scanner responses ( and viruses ) that 
get caught by our scanners.

It seems that either:

a) A worm is sending mails as if from an FD poster and as if the headers 
were from the list, using valid addresses and valid/spoofed received 
headers from old emails found on cracked machines.
or
b) The worms are being forwarded via the list with apparently valid 
subscriber details, as should be happening for an unmoderated list.

I vote the list is not responsible.

I say this because my email address is not subscribed to FD.

Ergo, the list can't have sent the messages I'm getting responses to, 
unless the moderator has been sending out my old posts, again.

I think this is conclusive?

Regards,

tom.
----------------------------------------------------------------------------------------
"In IT, acceptable solutions depend upon humans - Computers don't 
negotiate."
----------------------------------------------------------------------------------------
This is a PRIVATE message. If you are not the intended recipient, please 
delete without copying and kindly advise us by e-mail of the mistake in 
delivery. NOTE: Regardless of content, this e-mail shall not operate to 
bind CSC to any order or other contract unless pursuant to explicit 
written agreement or government initiative expressly permitting the use of 
e-mail for such purpose.
----------------------------------------------------------------------------------------


Powered by blists - more mailing lists