Message-ID: <4CEBE64C.3040809@propergander.org.uk>
Date: Tue, 23 Nov 2010 16:05:32 +0000
From: mrx <mrx@...pergander.org.uk>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: virus in email RTF message MS OE almost disabled
On 23/11/2010 15:03, Mikhail A. Utin wrote:
> This is my final reply.
> For still interested:
> - it happened on my home PC
> - immediately disconnected (for a few interested people I can forward email to taste this thing after receiving appropriate paperwork)
> - it is beyond MS released SPs for Office and Windows
> - using this list is OK as we discuss vulnerabilities
> - using corporate email is not prohibited to discuss professional topics
> - public emails, chats/IM, social sites are prohibited by policies
>
> Sorry, I was looking for a few short ideas and mostly for known cases, but not lecturing. I'll fix it, not a big deal. Expect others as having some knowledge as well and do not waste time. BTW, certifications help in all covered matters, believe me. Even in understanding that others may know something and do have certain experience.
>
> If you know such cases, please, reply. Otherwise do not waste your and computer energy.
>
> Thank you
>
> Mikhail A. Utin, CISSP
> Information Security Analyst
> Commonwealth Care Alliance
> 30 Winter St.
> Boston, MA
> TEL: (617) 426-0600 x.288
> FAX: (617) 249-2114
> http://www.commonwealthcare.org
> mutin@...monwealthcare.org
>
<snip>
With a CISSP I expect you would have the skill to set up a VM, replicate the scenario and monitor system activity... Analysis.
A Scroogle/Google on some of your results should provide the answers you need. I'm sorry but I fail to understand how someone with a CISSP would
require help in dealing with this.
My limited experience leads me to believe that like any security analyst, a CISSP should have a lab of some description at home. Doubly so for a
CISSP who is a security analyst. Your initial post did you no favours and casts doubt on your abilities to live up to the standards required by
your qualification and position. The only time to leak information about security practice to this list is when you want a free pentest from
some of the less scrupulous members of FD.
Using plain text for emails shuts down a whole lot of attack vectors in OE, as it does in any email client. But you are a CISSP, you don't need
me telling you this.
Don't take my comments or the comments of others too hard and certainly not personally. This is a tough room, with some exacting professionals.
Regards
Dave something
Information Security Noob.
- --
Mankind's systems are white sticks tapping walls.
http://www.propergander.org.uk
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/