Security Incidents mailing list archives
Re: New gnutella worm found in the wild.
From: Jeff Palmer <jeff () ISNI NET>
Date: Tue, 25 Jul 2000 15:49:32 -0400
I apologize, I thought I pasted the URL to the recipe in the original mailing.. I choose to rename all currently known window executable/dangerous files... I currently rename .vbs .hta .exe .com .bat .hlp and various others file extensions... The url for the html-trap recipe is: ftp://ftp.rubyriver.com/pub/jhardin/antispam/html-trap.procmail with much information at: http://www.wolfenet.com/~jhardin/procmail-security.html I did not create this recipe, and I do not take credit for it. It is very porwerful, HANDLE WITH CARE! hehe let me know what you think... Jeff jeff () isni net At 12:22 PM 7/25/00 -0700, you wrote:
I'd love to see your recipe, if you'd be willing to post it... I'm sure others here would, too. --k On Mon, 24 Jul 2000, Jeff Palmer wrote: > System administrators who want to nip these types of viruses in the > bud, can install procmail as the systems MDA. > > I use procmail, and then I added a very smart "html-trap" filter to filter > out certain file types.. > > such as .vbs .hta .exe .com .bat and the like. > also filters out double extensions.
Current thread:
- New gnutella worm found in the wild. Matt Merhar (Jul 21)
- Re: New gnutella worm found in the wild. David Bailey (Jul 24)
- Automated SSH scanning John Kristoff (Jul 24)
- Re: Automated SSH scanning Sean Dalnodar (Jul 25)
- Re: New gnutella worm found in the wild. Jeff Palmer (Jul 24)
- Message not available
- Re: New gnutella worm found in the wild. Jeff Palmer (Jul 26)
- Automated SSH scanning John Kristoff (Jul 24)
- Re: New gnutella worm found in the wild. David Bailey (Jul 24)