Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: How often are IE security holes exploited?
From: gobbbles () hushmail com
Date: Thu, 12 Dec 2002 22:20:06 -0800


-----BEGIN PGP SIGNED MESSAGE-----

Richard M. Smith wrote:
Has anyone ever looked into how often security holes in Internet
Explorer are actually used in viruses, worms, Trojan horses, and other
malware?  My sense is that very few of them are actually used in the
wild.

If you look at "hacker kit" codes which would do this...

The question is, how can they be detected, if they are not detected by any user? How will anti-virus learn of it, if 
the trojaned exploit code is unknown to them and no user has found it? Or, what if that user browses pedophile 
newsgroups and mailing lists? Would they be so anxious to report a trojan on their system? And, how would they ever 
figure out how they got it?

Was it spam email number 76876, or maybe website number 565579?

And, why wouldn't someone want to be able to say... target all neo-nazi's reading alt.politics.white-power... if they 
realize they have their whole audience right there in the newsgroup?

Or, what about that company that has all of its' employees firewalled? Kind of conveniant way to grab a few of them to 
make one's way into the system.

Also, as you may have noticed, email is rather insecure/private/can be really hard to trace. Especially if you use 
enough proxies and then feed it through your most paranoid remailer.


Lamont Cranston

"My names in the book, look it up"


-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wl0EARECAB0FAj35fJIWHGdvYmJibGVzQGh1c2htYWlsLmNvbQAKCRCLwwkA1HDM9XFz
AJ99jvYJa/sSiWyFBtK984qToeYF+gCfduGV4EuSCWum9Pu70x6XV+q7e/0=
=LHb9
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault