Security Basics mailing list archives

detecting SMTP engine behaviour


From: "ahmad mubarak" <gosi.infosec () gmail com>
Date: Mon, 1 May 2006 14:22:28 +0300

hi all

as you know new viruses use SMTP Engine techniques to distrpute itself
to other machines and email addresses they find  when scanning the
hard drives and mapped drives.

is there any way to detect the malformed SMTP traffic and the source
address of machine host the worm or the SMTP engine since the worms
use different sender account not related to the same source machine
accounts.

-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------


Current thread: