lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200406191058.i5JAwTu15733@netsys.com>
From: larry at larryseltzer.com (Larry Seltzer)
Subject: RE: Spam Solution

>>Correct me if I'm wrong. One worm some time ago even _asked_ users to enter their SMTP
AUTH credentials. And it spread quite well. Attach a spam engine and reduce its
spreading rate to stay under the AV radar as long as possible and you're set.
>>Was it SWEN? Or one of the encrypted ZIP thingies? I can't remember but it happened. 

Yes, you are thinking of Swen, but it doesn't do what you suggest. It asks you for SMTP
and POP3 server and login info, but it uses them to access your POP3 server. It's a
weird story; see
http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html for details
and screen shots.

Of course, they could ask you for your SMTP credentials too, but this doesn't worry me
too much. 

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@...fdavis.com 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ