Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] Fighting useless notification mails

from [Marc Ruef] Network Security [Permanent Link]
Subject: [Full-Disclosure] Fighting useless notification mails
Date: Tue, 30 Mar 2004 12:44:05 +0200 
Dear list,

Viruses and worms that spread as mail attachments are filling our inboxes day for day. Most of this nastly little monsters are able to generate random or faked from addresses.

I receive dozents of automaticly generated notification mails that presume I sent a not allowed attachment. I am pretty shure that this is not true. Many different facts are able to verify this statement (e.g. sending time, SMTP routing, source IP address).

In some cases it may be useful to notify a sender that his host is spreading malicous code. But I would like to see that antivirus vendors enhance their databases and save standardized the information if a mail worm is able to generate random or faked source addresses. If this may be given, antivirus solutions should _not_ send a notification to the presumed sender anyway, because it makes absolutely no sense. So it may be possible to break down the whole useless notification spam that doubles the annoying virus mail traffic.

Yours, Marc

--
Attack Tool Kit - Enhance your pen-tests
http://www.computec.ch/projekte/atk/


[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-Disclosure] [TURBOLINUX SECURITY INFO] 30/Mar/2004, Turbolinux
Next by Date:  [Full-Disclosure] Re: new internet explorer exploit (was new worm), Nick FitzGerald
Previous by Thread:  [Full-Disclosure] [TURBOLINUX SECURITY INFO] 30/Mar/2004, Turbolinux
Next by Thread:  RE: [Full-Disclosure] Fighting useless notification mails, Steve Wray
Indexes:  [Date] [Thread] [Top] [All Lists]