Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: AV "feature" does more DDoS than Sobig

From: "Steve Wray" <steve.wray () paradise net nz>
Date: Fri, 29 Aug 2003 08:06:13 +1200
Wellllll best... but not impossible to do it at the
firewall; you can do string matching in iptables (Linux).
You might need a powerful computer and fast NICs
tho otherwise performance might be a bit bad!
;)


-----Original Message-----
From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
Vladimir Parkhaev
Sent: Friday, 29 August 2003 3:17 a.m.
To: William Warren
Cc: Fabio Gomes de Souza; bugtraq () securityfocus com; 
full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] AV "feature" does more DDoS than Sobig


Quoting William Warren (hescominsoon () adelphia net):

this is the very reason i block all executables at my 

firewall...plus it 

reduces the load on my workstations from having to scan all that 
garbage..<G>


firewall? the best place to block IMHO will be on mail gateways
( you can bounce it with a nice message like 'atttachements of this
type are not welcome here' )....

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: