Security Incidents mailing list archives
RE: Possible Intrusion Attempt?
From: "Whiteside, Larry [contractor]" <BAE14 () SPHQ SSP NAVY MIL>
Date: Fri, 23 May 2003 14:46:25 -0400
What mail server do you use? Exchange/Outlook will allow you to convert all html email to plaintext before the user receives it. It can be done at the client or the server. People will still be able to receive email from everyone, it's just that html email will be converted to plaintext before the user receives it. It doesn't adversely affect anyone. L *************************** Larry Whiteside Jr. Sr. Security Engineer -----Original Message----- From: Rob Shein [mailto:shoten () starpower net] Sent: Friday, May 23, 2003 2:34 PM To: Whiteside, Larry [contractor]; 'Matt LaFelero' Cc: incidents () securityfocus com Subject: RE: Possible Intrusion Attempt? I'm a little fuzzy about this part...how do you prevent people from accepting HTML mail, and considering how many mail clients out there send it by default, what do you do when all of a sudden a large percentage of people can't email you anymore? -----Original Message----- From: Whiteside, Larry [contractor] [mailto:BAE14 () SSP NAVY MIL] Sent: Thursday, May 22, 2003 3:31 PM To: Matt LaFelero Cc: incidents () securityfocus com Subject: RE: Possible Intrusion Attempt? <snip> my 2 cents: You should first stop allowing HTML email. That is one of the easiest ways for arbitrary code to be executed on your host. Then you should revamp your security program to teach your users not to open things from unknown sources. As long as you allow HTML email, you can be subject to this type of attack. <snip> ---------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-incidents ----------------------------------------------------------------------------
Current thread:
- Re: Possible Intrusion Attempt?, (continued)
- Re: Possible Intrusion Attempt? Gary Flynn (May 23)
- RE: Possible Intrusion Attempt? Jerry Shenk (May 23)
- Re: Possible Intrusion Attempt? Anders Reed Mohn (May 23)
- RE: Possible Intrusion Attempt? Whiteside, Larry [contractor] (May 23)
- RE: Possible Intrusion Attempt? Rob Shein (May 25)
- Re: Possible Intrusion Attempt? Andersson (no email) (May 26)
- Re: Possible Intrusion Attempt? Thomas Zimmerman (May 26)
- Re: Possible Intrusion Attempt? Lars Duesing (May 27)
- Re: Possible Intrusion Attempt? Stewart (May 27)
- RE: Possible Intrusion Attempt? Rob Shein (May 25)
- RE: Possible Intrusion Attempt? Thomas, Frank (May 23)
- RE: Possible Intrusion Attempt? Whiteside, Larry [contractor] (May 25)
- RE: Possible Intrusion Attempt? FWAdmin (May 26)
- RE: Possible Intrusion Attempt? Brad Webb (May 27)
- Re: Possible Intrusion Attempt? Matt LaFelero (May 27)
- Re: Possible Intrusion Attempt? Keith Owens (May 28)
- Re: Possible Intrusion Attempt? Jeff (May 29)
- Re: Possible Intrusion Attempt? Keith Owens (May 28)