Security Basics mailing list archives
detecting SMTP engine behaviour
From: "ahmad mubarak" <gosi.infosec () gmail com>
Date: Mon, 1 May 2006 14:22:28 +0300
hi all as you know new viruses use SMTP Engine techniques to distrpute itself to other machines and email addresses they find when scanning the hard drives and mapped drives. is there any way to detect the malformed SMTP traffic and the source address of machine host the worm or the SMTP engine since the worms use different sender account not related to the same source machine accounts. ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- detecting SMTP engine behaviour ahmad mubarak (May 01)
- Re: detecting SMTP engine behaviour ahmad mubarak (May 02)
- Re: detecting SMTP engine behaviour xyberpix (May 04)
- <Possible follow-ups>
- RE: detecting SMTP engine behaviour Greg owens (May 01)
- Re: detecting SMTP engine behaviour nasim_chowdhury (May 01)