[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] viruses being sent to this list

To: Full-Disclosure <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] viruses being sent to this list
From: John Sage <jsage@xxxxxxxxxxxxxx>
Date: Wed, 24 Mar 2004 06:42:35 -0800

/*
   the thread that refused to die...
   ...now with extra! extra! life.
*/

On Wed, Mar 24, 2004 at 02:34:33PM +0200, Gadi Evron wrote:
> From: Gadi Evron <ge@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
> User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207)
> To: Full-Disclosure <full-disclosure@xxxxxxxxxxxxxxxx>
> CC: John Cartwright <johnc@xxxxxxxxxxx>
> Subject: Re: [Full-Disclosure] viruses being sent to this list
> Date: Wed, 24 Mar 2004 14:34:33 +0200
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> As I got a response from the managers, I am happy. And I took it
> off-list.
> 
> They asked for us to send any responses to them directly rather than
> on-list, and I did. However, this has now become a different thread,
> so I will try and contribute.
> 
> The samples below could have been detected by any AV using
> signatures alone. Thus, without any heuristics, not risking false
> positives or requiring more time spent on moderation.

I don't use any AV software. Don't need it.

And I appreciate getting virii from this list (No! seriously!) and
several other lists I participate in because it gives me the
opportunity to examine and collect examples of what's out there.


> If anything, it should help out on moderating all the viruses that get
> sent from off-list addresses, by saving time, and with no risk of new
> stuff not getting to the list due to a false positive.

How would you filter against off-list addresses that are obviously
spoofed?  Limit the list's traffic to members only?


> Also, it might be a good idea to amend the list's charter to include
> an "if you use this list, it is under your own blah blah and viruses
> get sent, blah blah". For future protection.

In other words:

"You're an adult. Try 1) thinking; and 2) simply becoming responsible
for yourself."



- John
-- 
"Mad cow? You'd be mad too, if someone was trying to eat you."

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] viruses being sent to this list
  - From: Adam

References:
- Re: [Full-Disclosure] viruses being sent to this list
  - From: MICHAEL coles
- Re: [Full-Disclosure] viruses being sent to this list
  - From: Paul Schmehl
- Re: [Full-Disclosure] viruses being sent to this list
  - From: John Sage
- Re: [Full-Disclosure] viruses being sent to this list
  - From: Gadi Evron

Prev by Date: RE: [Full-Disclosure] Re: Microsoft Coding / National Security Risk
Next by Date: Re: [Full-Disclosure] Microsoft Coding / National Security Risk
Previous by thread: Re: [Full-Disclosure] viruses being sent to this list
Next by thread: Re: [Full-Disclosure] viruses being sent to this list
Index(es):
- Date
- Thread