Re: Is predictable spam filtering a vulnerability?

["Bill Burge" <bill () burge com>]

This is nothing new to spam filtering.  Any dynamic/proactive filter mechanism is subject to the sam shenanigans.

This has been a "feature" of IntrusionPreventionSystems since they came out.  Spoof an attack from an IP you want to be 
denied, and the IDS updates the ruleset on the firewall (what a IPS really is, an IDS talking to a firewall) and that 
third party can't get past that perimeter.

bburge
someguy who does this kinda stuff

*********** REPLY SEPARATOR  ***********

On 6/17/2004 at 7:27 PM Joel Eriksson wrote:

> On Wed, Jun 16, 2004 at 01:26:28PM +0200, R Armiento wrote:
> [snip]
> > For example: attacker 'A' sends 'B' a social engineering request
> > for "the secret plans" and says "if you are unsure, forward my
> > request to your boss and ask if this is okay". 'B' forwards the
> > email to his boss 'C' and asks "Is this okay?". However, 'C':s
> > spam filter silently drops the email. 'A' forges a reply from
> > 'C' saying: "Sure, no problem, go ahead."
>
> Many will probably discard the above as farfetched or ignore it
> since it's not a "real" vulnerability that gives remote root to
> the attacker, I think it's beautiful though. :)
>
> Security is a state of mind, a way of thinking. Vulnerabilities
> are all around us and the one you point out above is certainly
> one of them.
>
> > Regards,
> > R. Armiento
>
> --
> Best Regards,
>   Joel Eriksson
> -------------------------------------------------
> Cellphone: +46-70 228 64 16 Home: +46-26-10 23 37
> Security Research & Systems Development at Bitnux
> PGP Key Server pgp.mit.edu, PGP Key ID 0x08811B44
> DF38 5806 0EFB 196E E4B6 34B5 4C01 73BB 0881 1B44
> -------------------------------------------------