Full Disclosure mailing list archives
Re: viruses being sent to this list
From: Valdis.Kletnieks () vt edu
Date: Mon, 22 Mar 2004 20:33:35 -0500
On Tue, 23 Mar 2004 02:11:13 +0200, Gadi Evron <ge () egotistical reprehensible net> said:
We can go into an endless discussion on liability. As FD is being used to spread malware, repeatedly, and filtering that malware is a matter of responsibility..
My mail server racked up 377,545 viruses recognized last week alone: Breakdown: 158476 NETSKY.C (41.98%) 55024 NETSKY.D (14.57%) 38905 BAGLE-ZIP ( 10.3%) 24640 NETSKY.O ( 6.53%) 21338 NETSKY.B ( 5.65%) 16452 BAGLE.K ( 4.36%) 13908 BAGLE.J ( 3.68%) 12349 NETSKY.J ( 3.27%) 8047 DUMARU.K ( 2.13%) 5512 MYDOOM.A ( 1.46%) I don't think that FD is the problem here. The problem is that the average computer is basically designed for web surfing and virus propagation.
One would think the FD managers would do something about this. This is not about the infected user, the VX'ers, or the ISP's.
It's *all* about the infected user, the A/V companies, and the ISPs. Let's look at the archives of the list, postings from you this month: http://lists.netsys.com/pipermail/full-disclosure/2004-March/018957.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/018992.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/018996.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/018998.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/019092.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/019104.html http://lists.netsys.com/pipermail/full-disclosure/2004-March/019110.html So which of those is a virus with your name forged on it? Oh, there aren't any? (Looking at the archives for the entire month, I'm not seeing *any* from *anybody* - am I missing some? Where are the "repeated" malware distributions?) Looks to me like you want FD to take action about mail that's not even passing through its servers - and that's the sort of dangerous precedent that make things like Echelon and Omnivore unpopular. If you can't deal with the fact that subscribing to this list may expose you to the occasional malware or other small-arms fire, I suggest you do something productive about it: Each posting to the list has a RFC2369 header: List-unsubscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=unsubscribe> Use it. There's plenty of other, more heavily moderated, mailing lists out there. If you can't deal with the fact that worms are doing address scraping to forge the From: line, you may wish to consider whether a career in computer security is really your calling.
Attachment:
_bin
Description:
Current thread:
- Re: viruses being sent to this list, (continued)
- Re: viruses being sent to this list Steve Menard (Mar 22)
- Re: viruses being sent to this list Troy (Mar 23)
- Re: viruses being sent to this list Nick FitzGerald (Mar 22)
- Re: viruses being sent to this list Byron Copeland (Mar 22)
- Re: viruses being sent to this list Gadi Evron (Mar 22)
- Re: viruses being sent to this list Jason Slagle (Mar 22)
- Re: viruses being sent to this list Collin (Mar 23)
- Re: viruses being sent to this list Gadi Evron (Mar 22)
- Re: viruses being sent to this list Gadi Evron (Mar 22)
- Message not available
- Re: viruses being sent to this list Gadi Evron (Mar 22)
- Re: viruses being sent to this list Dan Wilder (Mar 22)
- Re: viruses being sent to this list Valdis . Kletnieks (Mar 22)
- Re: viruses being sent to this list Gregory A. Gilliss (Mar 22)
- Message not available
- Re: viruses being sent to this list Todd Burroughs (Mar 22)
- Re: viruses being sent to this list Gadi Evron (Mar 22)
- Re: viruses being sent to this list Troy (Mar 23)
- Re: viruses being sent to this list Gadi Evron (Mar 22)
- RE: viruses being sent to this list Alerta Redsegura (Mar 23)
- Re: viruses being sent to this list catholic (Mar 23)
- Re: viruses being sent to this list Gadi Evron (Mar 23)