Full Disclosure mailing list archives
Re: AV "feature" does more DDoS than Sobig
From: madsaxon <madsaxon () direcway com>
Date: Thu, 28 Aug 2003 08:42:34 -0500
At 10:05 AM 8/28/03 -0300, Fabio Gomes de Souza wrote: > Anti-virus products are causing more harm than the Sobig Worm.
The problem is that many e-mail virus scanners send a "You are infected" reply to the address contained in the "From" header. Since the messages are spoofed, the inoccent, uninfected user "A" is flooded by automatic complaints from "C","D","E" regarding the virus that "B" sends.
I agree. Any sort of automated response based on perceived sender IP address is not only brain-dead, but irresponsible. It does nothing but compound the problem and needs to be curtailed. Now. m5x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AV "feature" does more DDoS than Sobig Fabio Gomes de Souza (Aug 28)
- Re: AV "feature" does more DDoS than Sobig madsaxon (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Richard M. Smith (Aug 28)
- Re: AV "feature" does more DDoS than Sobig William Warren (Aug 28)
- Re: AV "feature" does more DDoS than Sobig William Warren (Aug 28)
- Re: AV "feature" does more DDoS than Sobig Vladimir Parkhaev (Aug 28)
- Re: AV "feature" does more DDoS than Sobig James Greenhalgh (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Steve Wray (Aug 28)
- Re: AV "feature" does more DDoS than Sobig Vladimir Parkhaev (Aug 28)
- Re: AV "feature" does more DDoS than Sobig 3APA3A (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Richard M. Smith (Aug 28)
- Re: AV "feature" does more DDoS than Sobig Marcos Machado (Aug 28)
- RE: AV "feature" does more DDoS than Sobig Ron DuFresne (Aug 28)
(Thread continues...)
- Re: AV "feature" does more DDoS than Sobig madsaxon (Aug 28)