Vulnerability Development mailing list archives

Re: actions to jump2.eudora.com

From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Mon, 28 Aug 2000 17:48:59 +0200

         # Deny all TCP traffic to and from jump2.eudora.com (eudora backdoor)
         ${fwcmd} add deny tcp from any to 208.184.225.10
         ${fwcmd} add deny tcp from 208.184.225.10 to any


echo "ip_of_your_webserver jump2.eudora.com" >> hosts
(or) echo "127.0.0.1 jump2.eudora.com" >> hosts
(or) adding the same values to a cache'ing only DNS server

will ""solve"" this problem.

Experiments on how Eudora responds to a malicious server would be
interesting. Would seem like fooling users to run
"my_very_malicious_software.exe" would be rather trivial if you poison the
DNS.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

Current thread:

actions to jump2.eudora.com Peter Batenburg (Aug 27)
- Re: actions to jump2.eudora.com Igor Mozolevsky (Aug 27)
- Re: actions to jump2.eudora.com sigfrid (Aug 27)
  - Re: actions to jump2.eudora.com Bluefish (P.Magnusson) (Aug 28)
  - Re: actions to jump2.eudora.com Bluefish (P.Magnusson) (Aug 28)
- Re: actions to jump2.eudora.com Bluefish (P.Magnusson) (Aug 28)
- Re: actions to jump2.eudora.com Bluefish (P.Magnusson) (Aug 28)