Re: RE : MCAFEE E-MAIL SCAN ALERT!~[FULL-DISCLOSURE] FWD: INTERNET S

[Gossi The Dog <gossi () lab6 com>]

On Fri, 2003-04-11 at 07:07, Valdis.Kletnieks () vt edu wrote:
> On Wed, 09 Apr 2003 22:12:45 EDT, Jason <security () brvenik com>  said:
>
> > Look at how your "protections" expose you when dealing with lists too. 
> > Then look at those annoying out of office notifications. Nothing like 
> > telling a lot of people the perfect contact points in an org doing some 
> > type of security, ohh and by the way, they are out of the office!
>
> And better yet, the mail packages that are the biggest offenders are also both
> quite well known as the subject of security advisories, and also quite helpful
> in providing their exact release/build info, so you can carefully craft a
> message for maximum impact.
>
> Might as well just attach a .BMP of concentric red-and-white circles to the note ;)

Well - indeed.  I seem to recall if you send duff (like 500 bytes) SMTP
commands to NAI Webshield, it causes it to crash.  I never really
bothered following it up.

Plus, NAI Webshield doesn't log the IP in email headers of connecting
servers.  So you can do HELO nasa.gov, and it passes it on as nasa.gov
in the headers.  Could be quite handy, that.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html