Full Disclosure mailing list archives
RE: A worm...
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Thu, 26 Jun 2003 13:34:19 -0400
Here's a column I did awhile back on why user education is an impractical solution to computer security issues: http://www.privacyfoundation.org/commentary/tipsheet.asp?id=33&action=0 Richard -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of ATD Sent: Thursday, June 26, 2003 12:20 PM To: Nexus Cc: Peter Kruse; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] A worm... I agree with you 100% but you do realize that the challenge is to educate executives that do not understand, or care to understand security. They just "want it to work". Being an executive myself, I understand that mentality, but I also understand the value of knowledge. On Thu, 2003-06-26 at 10:59, Nexus wrote:
----- Original Message ----- From: "Peter Kruse" <kruse () krusesecurity dk> To: <full-disclosure () lists netsys com> Sent: Thursday, June 26, 2003 1:57 PM Subject: SV: [Full-disclosure] A worm... [snip]malicious code inside the new rar format and spread it. I suppose
it´s
fairly easy to write a worm that packs itself with a random password
and
inserts this into a e-mail sent to the victim. This way it will pass most AV-gateway scanners since they won't have access to scan inside
the
zipe archive.In that case [the content analysis engine] should automatically
quarantine
the attachment and await human intervention. Otherwise, why bother with them at all ? It's an odd world when the preferred solution is an application rather than user edumacation. Cheers. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: A worm..., (continued)
- RE: A worm... gml (Jun 25)
- Re: A worm... golddog (Jun 25)
- Re: A worm... KF (Jun 25)
- Re: A worm... ATD (Jun 25)
- RE: A worm... Richard M. Smith (Jun 26)
- SV: A worm... Peter Kruse (Jun 26)
- RE: A worm... Richard M. Smith (Jun 26)
- RE: A worm... ATD (Jun 26)
- Re: A worm... Nexus (Jun 26)
- Re: A worm... ATD (Jun 26)
- RE: A worm... Richard M. Smith (Jun 26)
- RE: A worm... Ron DuFresne (Jun 26)
- Re: A worm... Roy S. Rapoport (Jun 26)
- Re: A worm... KF (Jun 25)
- Re: A worm... morning_wood (Jun 26)
- SV: A worm... Peter Kruse (Jun 26)
- Re: A worm... ATD (Jun 26)
- RE: A worm... ATD (Jun 26)
- RE: A worm... M. Osten (Jun 26)
- Re: A worm... Brett Hutley (Jun 26)
- RE: A worm... Nick FitzGerald (Jun 26)