Full Disclosure mailing list archives
Re: A worm...
From: "Nexus" <nexus () patrol i-way co uk>
Date: Thu, 26 Jun 2003 15:59:13 +0100
----- Original Message ----- From: "Peter Kruse" <kruse () krusesecurity dk> To: <full-disclosure () lists netsys com> Sent: Thursday, June 26, 2003 1:57 PM Subject: SV: [Full-disclosure] A worm... [snip]
malicious code inside the new rar format and spread it. I suppose it´s fairly easy to write a worm that packs itself with a random password and inserts this into a e-mail sent to the victim. This way it will pass most AV-gateway scanners since they won't have access to scan inside the zipe archive.
In that case [the content analysis engine] should automatically quarantine the attachment and await human intervention. Otherwise, why bother with them at all ? It's an odd world when the preferred solution is an application rather than user edumacation. Cheers. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- A worm... ATD (Jun 25)
- RE: A worm... Phillip A Jaeger (Jun 25)
- RE: A worm... gml (Jun 25)
- <Possible follow-ups>
- Re: A worm... golddog (Jun 25)
- Re: A worm... KF (Jun 25)
- Re: A worm... ATD (Jun 25)
- RE: A worm... Richard M. Smith (Jun 26)
- SV: A worm... Peter Kruse (Jun 26)
- RE: A worm... Richard M. Smith (Jun 26)
- RE: A worm... ATD (Jun 26)
- Re: A worm... Nexus (Jun 26)
- Re: A worm... ATD (Jun 26)
- RE: A worm... Richard M. Smith (Jun 26)
- RE: A worm... Ron DuFresne (Jun 26)
- Re: A worm... Roy S. Rapoport (Jun 26)
- Re: A worm... KF (Jun 25)
- Re: A worm... morning_wood (Jun 26)
- SV: A worm... Peter Kruse (Jun 26)
- Re: A worm... ATD (Jun 26)
- RE: A worm... ATD (Jun 26)
- RE: A worm... M. Osten (Jun 26)