[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Is the FBI using email Web bugs?
- To: full-disclosure@lists.netsys.com
- Subject: Re: [Full-Disclosure] Is the FBI using email Web bugs?
- From: Azerail <Azerail@supersecretninjaskills.com>
- Date: Thu, 8 Jan 2004 02:08:36 -0800
On Thu, 08 Jan 2004, Ben Nelson wrote:
> Poof wrote:
> >Actually- the problem with that is that fine... it won't allow any ports
> >except for the needed 25/110/143... Then what's to stop an image from using
> >http://www.spamsite.com:25/110/phonehome.jpg?emailaddress(or whatever)
> >
> >... Nothing!
> >
> >Nice try though... Best protection is through your email client. O2K3 does
> >it native ^^
> >
>
> I realize that, my point was that blocking more is better than blocking
> less. Whenever you can block everything and allow only the needed
> traffic, you'll be better off. Removing as many possible 'phone home
> vectors' as possible certainly can't hurt and is good security policy in
> general.
>
> --Ben
>
Why don't you guys just cut to the root of the problem and not use
mail clients that access files on other people's servers when you read
your mail. HTML e-mail sucks.
Azerail
--
To be wise, the only thing you really need
to know is when to say "I don't know."
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html