nanog mailing list archives
Re: dealing with w32/bagle
From: Crist Clark <crist.clark () globalstar com>
Date: Thu, 04 Mar 2004 11:14:09 -0800
Laurence F. Sheldon, Jr. wrote:
Jeff Shultz wrote:** Reply to message from "Laurence F. Sheldon, Jr." <LarrySheldon () cox net> on Wed, 03 Mar 2004 22:04:44 -0600Curtis Maurand wrote:Until there's an easy way of getting a file to your friend down the street that's as easy as sending an email, we're stuck with this.
[snip]
My personal favorite that at one time would have been the easiest to develop has a MUA that "attaches" the document by storing the text in an HTTP-accessible archive (on the sender's machine? on the sender's MTA machine?) and including a URL in the email.
And how is this going to slow viruses passed around by the mad clickers? The email has a link they click on and the MUA downloads the message. This is pretty much how IMAP works anyway, just that the attachment is available for download at their IMAP server and arrived there over SMTP rather than some remote HTTP, FTP, or whatever server.
My personal objection to embedded attachments is not a product of the virus rage going on--
Ah, so this method of delivering content really is not meant to deal with this. We have to face it. The only real technical solution I am aware of is not allowing users to run arbitrary code on their systems. It looks like if you allow that, someone will be able to socially engineer enough moro^W users to download malicious code and execute it. C'mon, the current Bagle strains require the user to unzip the file, manually enter the password to the zip that's in the message body, then execute the unzipped file. It's spreading like wildfire. And we wonder who is gullible enough to buy spamvertized organ enlargement products or fall for a phishing scam? -- Crist J. Clark crist.clark () globalstar com Globalstar Communications (408) 933-4387
Current thread:
- dealing with w32/bagle Dan Hollis (Mar 03)
- Re: dealing with w32/bagle Brian Wilson (Mar 03)
- Re: dealing with w32/bagle Dominic J. Eidson (Mar 03)
- Re: dealing with w32/bagle Jeffrey I. Schiller (Mar 03)
- Re: dealing with w32/bagle Chris Edwards (Mar 03)
- Re: dealing with w32/bagle Curtis Maurand (Mar 03)
- Re: dealing with w32/bagle Laurence F. Sheldon, Jr. (Mar 03)
- Re: dealing with w32/bagle Curtis Maurand (Mar 04)
- Re: dealing with w32/bagle Jeff Shultz (Mar 04)
- Re: dealing with w32/bagle Laurence F. Sheldon, Jr. (Mar 04)
- Re: dealing with w32/bagle Crist Clark (Mar 04)
- Re: dealing with w32/bagle Curtis Maurand (Mar 04)
- Re: dealing with w32/bagle Sam Stickland (Mar 05)
- One hint - how to detect invected machines _post morten_... Re: dealing with w32/bagle Alexei Roudnev (Mar 05)
- Re: dealing with w32/bagle Valdis . Kletnieks (Mar 05)
- Re: dealing with w32/bagle Richard Welty (Mar 05)
- Re: dealing with w32/bagle Brian Wilson (Mar 03)
- Re: dealing with w32/bagle Roland Perry (Mar 04)
- Re: dealing with w32/bagle Stephen Milton (Mar 04)
- Re: dealing with w32/bagle Curtis Maurand (Mar 04)
- Message not available
- Re: dealing with w32/bagle JC Dill (Mar 05)
- Re: dealing with w32/bagle Jeff Shultz (Mar 05)