Vulnerability Development mailing list archives
Re: Why not a changeling?
From: sigipp () WELLA COM BR (sigipp () WELLA COM BR)
Date: Mon, 29 May 2000 08:55:20 -0300
Hi Michael o.k., i got the point. You are right. For protection against those viruses: how about searching for something what might be a password, try that to decrypt the zip, and if it works, try to detect a virus. Primarily the idea behind this is, that if you get a password-protected file, it would be obviuosly nonsense (in terms of securing the archive) to include the password in the same file. So i´d prefere to automagically delete these attaches, if they are encrypted and could be decrypted with a word from the message, which might be a password. I´d prefere delete them without further checking the archive for known viruses. Detecting possible passwords in the mail should not be too difficult, for the text containing this password has to contain an advice for the reader to use this as a password. People who know how to find a password in the mail without advice, and know to use it to decrypt the zip, are normally aware of the security problem and the logical nonsense of that. Greetings Siegfried Gipp
Current thread:
- Re: Why not a changeling?, (continued)
- Re: Why not a changeling? White Vampire (May 25)
- Re: Why not a changeling? sigipp () WELLA COM BR (May 22)
- Re: Why not a changeling? Michael Wojcik (May 22)
- Re: Why not a changeling? Maxime Rousseau (May 23)
- Re: Why not a changeling? Michael Wojcik (May 23)
- Re: Why not a changeling? White Vampire (May 25)
- Re: Why not a changeling? rain forest puppy (May 23)
- Re: Why not a changeling? Michael Wojcik (May 25)
- Re: Why not a changeling? prole (May 25)
- Re: Why not a changeling? Maxime Rousseau (May 25)
- Re: Why not a changeling? sigipp () WELLA COM BR (May 29)