RE: [Full-Disclosure] Backdoor not recognized by Kaspersky

["Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>]

> 'Password is a long yellow fruit enjoyed by monkeys.'

which ones ? there are many types of them around here ....
 
> Leave passworded .zips alone -- take the sensible approach and catch an 
> infected file once it's been extracted.


that would be the best approach but it would make all the spam to be able to 
come up to the desktop.
maybe we will start getting all the spam as zipped attachments...

how about the smtp server simply rejecting mail from spoofed hosts ? as all the 
viruses generate spoofed hosts and it is very easy for any smtp server to do a 
dns lookup on the sending server, if the hostname / ip address do not match 
reject the message.



________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html