[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Backdoor not recognized by Kaspersky

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] Backdoor not recognized by Kaspersky
From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 04 Mar 2004 16:00:33 +1300

Ron DuFresne <dufresne@xxxxxxxxxxxxx> wrote:

> > how about the smtp server simply rejecting mail from spoofed hosts ?
> > as all the viruses generate spoofed hosts and it is very easy for any
> > smtp server to do a dns lookup on the sending server, if the hostname
> > / ip address do not match reject the message.
> 
> Finally some sanity marks this thread!

"sanity"??

Care to define the "nearly foolproof" "spoofed hosts detection" 
algorithm that will not have an unbearably high false-positive 
rejection rate??

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
  - From: Alexander MacLennan

References:
- RE: [Full-Disclosure] Backdoor not recognized by Kaspersky
  - From: Aditya, ALD [Aditya Lalit Deshmukh]
- RE: [Full-Disclosure] Backdoor not recognized by Kaspersky
  - From: Ron DuFresne

Prev by Date: [Full-Disclosure] E-mail spoofing countermeasures (Was: Backdoor not recognized by Kaspersky)
Next by Date: RE: [Full-Disclosure] Backdoor not recognized by Kaspersky
Previous by thread: Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
Next by thread: Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
Index(es):
- Date
- Thread