[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] AV "feature" does more DDoS than Sobig
- To: "'Vladimir Parkhaev'" <vladimir@arobas.net>, "'William Warren'" <hescominsoon@adelphia.net>
- Subject: RE: [Full-Disclosure] AV "feature" does more DDoS than Sobig
- From: "Steve Wray" <steve.wray@paradise.net.nz>
- Date: Fri, 29 Aug 2003 08:06:13 +1200
Wellllll best... but not impossible to do it at the
firewall; you can do string matching in iptables (Linux).
You might need a powerful computer and fast NICs
tho otherwise performance might be a bit bad!
;)
> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com
> [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of
> Vladimir Parkhaev
> Sent: Friday, 29 August 2003 3:17 a.m.
> To: William Warren
> Cc: Fabio Gomes de Souza; bugtraq@securityfocus.com;
> full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] AV "feature" does more DDoS than Sobig
>
>
> Quoting William Warren (hescominsoon@adelphia.net):
> > this is the very reason i block all executables at my
> firewall...plus it
> > reduces the load on my workstations from having to scan all that
> > garbage..<G>
>
> firewall? the best place to block IMHO will be on mail gateways
> ( you can bounce it with a nice message like 'atttachements of this
> type are not welcome here' )....
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html