Security Basics mailing list archives
RE: detecting SMTP engine behaviour
From: "Greg owens" <gowens () covad net>
Date: Mon, 1 May 2006 10:25:11 -0400
I created a custom signature to detect all SMTP not authorized Greg Owens, CCNP CCSP CISSP Telephone: 202-489-5252 Email:gowens () covad net -------------------------- Sent from my Samsung I730 Wireless Handheld -----Original Message----- >From: "ahmad mubarak"<gosi.infosec () gmail com> >Sent: 5/1/06 7:22:28 AM >To: "security-basics () securityfocus com"<security-basics () securityfocus com> >Subject: detecting SMTP engine behaviour >hi all > >as you know new viruses use SMTP Engine techniques to distrpute itself >to other machines and email addresses they find when scanning the >hard drives and mapped drives. > >is there any way to detect the malformed SMTP traffic and the source >address of machine host the worm or the SMTP engine since the worms >use different sender account not related to the same source machine >accounts. > >------------------------------------------------------------------------- >This List Sponsored by: Webroot > >Don't leave your confidential company and customer records un-protected. >Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no >obligation. See why so many companies trust Spy Sweeper Enterprise to >eradicate spyware from their networks. >FREE 30-Day Trial of Spy Sweeper Enterprise > >http://www.webroot.com/forms/enterprise_lead.php >-------------------------------------------------------------------------- > > > ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- detecting SMTP engine behaviour ahmad mubarak (May 01)
- Re: detecting SMTP engine behaviour ahmad mubarak (May 02)
- Re: detecting SMTP engine behaviour xyberpix (May 04)
- <Possible follow-ups>
- RE: detecting SMTP engine behaviour Greg owens (May 01)
- Re: detecting SMTP engine behaviour nasim_chowdhury (May 01)