Full Disclosure mailing list archives

Re: Backdoor not recognized by Kaspersky

From: Alexander MacLennan <maclenna () cs curtin edu au>
Date: Thu, 04 Mar 2004 11:47:46 +0800

rm -rf /

that should do it

Nick FitzGerald wrote:

Ron DuFresne <dufresne () winternet com> wrote:

how about the smtp server simply rejecting mail from spoofed hosts ?
as all the viruses generate spoofed hosts and it is very easy for any
smtp server to do a dns lookup on the sending server, if the hostname
/ ip address do not match reject the message.


Finally some sanity marks this thread!



"sanity"??

Care to define the "nearly foolproof" "spoofed hosts detection"algorithm that will not have an unbearably high false-positiverejection rate??



Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



!DSPAM:4046a529202801981333611!




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Backdoor not recognized by Kaspersky, (continued)
- - - Re: Backdoor not recognized by Kaspersky Gregor Lawatscheck (Mar 03)
    - Re: Backdoor not recognized by Kaspersky Valdis . Kletnieks (Mar 04)
    - RE: Backdoor not recognized by Kaspersky Aditya, ALD [Aditya Lalit Deshmukh] (Mar 03)
    - RE: Backdoor not recognized by Kaspersky Ron DuFresne (Mar 03)
    - Re: Backdoor not recognized by Kaspersky Rodrigo Barbosa (Mar 03)
    - Re: Backdoor not recognized by Kaspersky Michael Gale (Mar 03)
    - Re: Backdoor not recognized by Kaspersky Nick FitzGerald (Mar 03)
    - SMTP open relays and RFC (was: Backdoor not recognized by Kaspersky) Martin Mačok (Mar 04)
    - Message not available
    - Re: Backdoor not recognized by Kaspersky Rodrigo Barbosa (Mar 04)
    - RE: Backdoor not recognized by Kaspersky Nick FitzGerald (Mar 03)
    - Re: Backdoor not recognized by Kaspersky Alexander MacLennan (Mar 03)
    - RE: Backdoor not recognized by Kaspersky Nick FitzGerald (Mar 03)
    - SMTP rejecting wrong HELO/EHLO domains will save the world (was: Backdoor in passworded ZIP not recognized by Kaspersky) Martin Mačok (Mar 03)
    - Re: Backdoor not recognized by Kaspersky Valdis . Kletnieks (Mar 04)
    - Re: Backdoor not recognized by Kaspersky Nick FitzGerald (Mar 03)
- RE: Backdoor not recognized by Kaspersky Jos Osborne (Mar 03)
- RE: Backdoor not recognized by Kaspersky Schmehl, Paul L (Mar 03)
  - Re: Backdoor not recognized by Kaspersky Cael Abal (Mar 03)
  - Re: Backdoor not recognized by Kaspersky Stef (Mar 03)
    - Re: Backdoor not recognized by Kaspersky Nick FitzGerald (Mar 03)
  - RE: Backdoor not recognized by Kaspersky Nick FitzGerald (Mar 03)

(Thread continues...)