[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Backdoor not recognized by Kaspersky

To: <Bart.Lansing@xxxxxxxxx>
Subject: RE: [Full-Disclosure] Backdoor not recognized by Kaspersky
From: "Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 3 Mar 2004 23:36:09 +0530

> The zip's contents can
> be seen without the password, just not unpacked...no cracking it required.

now winrar has a option to encrypt file names with a password, me thinks pkzip 
with the 64 bit compression also has that feature... how are we going to deal 
with this ? by stopping all the compressed mail at the email gateway ?

we do have one solutions: all the mail headers are spoofed so just stop 
accepting mail from spoofed host, this should solve your spam problem also

> You should be blocking executables by policy anyway, yes?

that is always being done by the all the people in this day and age, only now 
we seem to forget to add the compressed file format that are encrypted so that 
their file contects cannot be seen ?

-aditya 




________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
  - From: KUIJPERS Jimmy

References:
- Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
  - From: Bart . Lansing

Prev by Date: Re: [Full-Disclosure] Buffer overflow in qmail-qmtpd, yet still qmail much better than windows
Next by Date: Re: [Full-Disclosure] SQL-worm 1 IP multiple MAC???
Previous by thread: Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
Next by thread: Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
Index(es):
- Date
- Thread