[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: Jkuperus <jkuperus@planet.nl>

To: "Full-disclosure" <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Re: Jkuperus <jkuperus@planet.nl>
From: James Riden <j.riden@xxxxxxxxxxxx>
Date: Sun, 10 Oct 2004 11:37:30 +1300

"Vince Able" <we_hate_vince@xxxxxxxxxxx> writes:

>    Can anyone tell me why this idiot keeps trying to send the group
>    kiddies script worms/viruses.

Even on a list like bugtraq, you're likely to get PoCs and worse sent
- you probably shouldn't read a security list on a platform which you
think may be vulnerable - e.g. use a UNIX flavour, or a MUA which you
are sure won't auto-execute anything, or make sure your AV and patches
are up-to-date (or all three :).

Besides, most email-borne viruses forge the sender these days, so it's
likely to have come from a different infected computer which has both
the FD list and the purported senders addresses on it. Check the
Received headers to find out exactly where it's originated.

cheers,
 Jamie
-- 
James Riden / j.riden@xxxxxxxxxxxx / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Re: Jkuperus <jkuperus@planet.nl>
  - From: Vince Able

Prev by Date: Re: [VIRUS!] [SPAM] [Full-Disclosure] Re: Msg reply
Next by Date: [Full-Disclosure] [ GLSA 200410-09 ] LessTif: Integer and stack overflows in libXpm
Previous by thread: Re: [SPAM] Re: [Full-Disclosure] Re: Jkuperus <jkuperus@planet.nl>
Next by thread: [Full-Disclosure] [ GLSA 200410-07 ] ed: Insecure temporary file handling
Index(es):
- Date
- Thread