lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1080184561.18450.3.camel@Stargate>
From: nodialtone at comcast.net (Byron Copeland)
Subject: Re: text

Yeah, I'd think that is pretty lame that a virus scanner would just
parse text in an email and declare the "sky is falling" and not actually
look for a documented signature.

-b

On Wed, 2004-03-24 at 20:59, Paul Schmehl wrote:
> --On Wednesday, March 24, 2004 4:06 PM -0500 Valdis.Kletnieks@...edu wrote:
> >
> > *yawn*  So some bozo who reads full-disclosure has a virus, and it scraped
> > the listname and Paul's name.  Death of Internet Predicted. Film at 11.
> 
> False assumption.  No one on this list has to be infected for this list to 
> get a virus.  All it takes is someone who is infected and has the email 
> address of a list member on their hard drive - in an addressbook, in their 
> browser cache, in a text file they saved from a website, and the virus can 
> send email "from" them.  Then all that is left is to have the address of 
> the list as well, and the virus can send mail to the list.
> 
> However, in this case, *I* sent the "virus".  I had the word "t e x t . p i 
> f" in the body of my message (without the spaces, of course), and the 
> poorly configured AV scanners "detected" a virus.
> 
> If you give that some brief thought, it should appall you that people 
> actually *paid* for that software when grep could do the same thing.
> 
> Paul Schmehl (pauls@...allas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
-- 
"Save yourself from the 'Gates' of hell, use Linux." -- The_Kind @
LinuxNet
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040324/05d9cc90/attachment.bin

Powered by blists - more mailing lists