| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9E97F0997FB84D42B221B9FB203EFA273F3626@dc1ms2.msad.brookshires.net> From: toddtowles at brookshires.com (Todd Towles) Subject: Sober.I worm is here It arrives at .doc, .txt and .word? Where are you seeing that? It can't be very dangerous as a TEXT file. As far as I know it uses the normal "double extensions" tricks. Any good email filter should pick this up and you should be fine. Anyone that just clicks on random attachments in their e-mail and doesn't have anti-virus, should get infected. At least, they are letting someone that knows something use your computer for something..lol j/k > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Danny > Sent: Friday, November 19, 2004 11:07 AM > To: KF_lists > Cc: etomcat@...email.hu; full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] Sober.I worm is here > > On Fri, 19 Nov 2004 11:22:31 -0500, KF_lists > <kf_lists@...netops.com> wrote: > > can you define "medium sized epidemic"? > > Any new features / functionality? > > Not too much, except for the fact that it also arrives with > the following attachment extenstions: .doc, .txt, and .word > > Which are not typically blocked by layer 7 aware firewalls. > Whereas, the biggies .scr, .pif, .exe, .com, .bat, etc., are > usually blocked. > > ...D > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists