Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: outlook sending email messages to mapped drives randomly

from [Murad Talukdar] Network Security [Permanent Link]
Subject: RE: outlook sending email messages to mapped drives randomly
Date: Thu, 16 Nov 2006 11:28:57 +1000 


Ok. I'm beginning to think that it could be to do with our AV clients mail
scanning feature-all of the email files that I looked at were incoming mail
so I'm not sure what is going on. I'm trying to get time to setup filemon on
an affected machine to see what might be the problem.
-----Original Message-----
From: Joe_Wulf [mailto:Joe_Wulf@yahoo.com] 
Sent: Wednesday, November 15, 2006 12:49 AM
To: 'Murad Talukdar'; focus-ms@securityfocus.com
Subject: RE: outlook sending email messages to mapped drives randomly

Another 'feature' from the evil Micro$loth empire
 
R,
-Joe Wulf, CISSP, USN (RET)
 ProSync Technology Group, LLC
 www.prosync.com
 Senior IA Engineer


-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Murad Talukdar
Sent: Monday, November 13, 2006 22:29
To: focus-ms@securityfocus.com
Subject: outlook sending email messages to mapped drives randomly


Hi all, we run WinXp clients with Outlook 2003 on them.
We have a few users who are getting a very strange problem. Files in the
format
S3ko.1
S3ko.2
S3ko.3
...
S3ko.9
Or it could s3fg.1 ... etc

These are ppearing on a file server under the user's home drive. We do not
use
Exchange and the pst files are held locally.
I can't work out whether this is a virus or some form of malware but it is a
specific security issue because; 1. These files are actually readable in
notepad
etc as email messages including header of the email. There are as many of
these
files as there are emails in the inbox. Emails just turning up somewhere
that
they're not meant to, is weird and slightly chilling.
2. When monotoring the open files on the server it is apparent that each
file is
held open(most likely by Outlook) and so the concurrent open files on the
sevrer
grows to such a point that a DOS occurs on that file server-ie no new
connections can be made, no legit files can be opened.

Why would Outlook do something like this-is it by design or is there
something
else?


 



---------------------------------------------------------------------------
---------------------------------------------------------------------------







---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: DNS recursive, Dave L
Next by Date:  Microsoft Word Macro Security, rturley
Previous by Thread:  outlook sending email messages to mapped drives randomly, Murad Talukdar
Next by Thread:  DNS recursive, dubaisans dubai
Indexes:  [Date] [Thread] [Top] [All Lists]