[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Backdoor not recognized by Kaspersky
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: RE: [Full-Disclosure] Backdoor not recognized by Kaspersky
- From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
- Date: Thu, 04 Mar 2004 16:00:33 +1300
Ron DuFresne <dufresne@xxxxxxxxxxxxx> wrote:
> > how about the smtp server simply rejecting mail from spoofed hosts ?
> > as all the viruses generate spoofed hosts and it is very easy for any
> > smtp server to do a dns lookup on the sending server, if the hostname
> > / ip address do not match reject the message.
>
> Finally some sanity marks this thread!
"sanity"??
Care to define the "nearly foolproof" "spoofed hosts detection"
algorithm that will not have an unbearably high false-positive
rejection rate??
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html