Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: viruses being sent to this list
From: Adam <adam () huntrecruiting com>
Date: Wed, 24 Mar 2004 11:28:11 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm finding that the people who complane the most are usually the people who 
have no business working with Virii and are only as good as there Outlook 
updates

Sorry Gadi, but you where told a long time back to quit when you where only 
marginally behind.

I believe at this point your speaking while your typing to hear your own 
voice.

please stop! why don't you go take a class or something.


On Wednesday 24 March 2004 09:42 am, John Sage wrote:
/*
   the thread that refused to die...
   ...now with extra! extra! life.
*/

On Wed, Mar 24, 2004 at 02:34:33PM +0200, Gadi Evron wrote:
From: Gadi Evron <ge () egotistical reprehensible net>
User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207)
To: Full-Disclosure <full-disclosure () lists netsys com>
CC: John Cartwright <johnc () grok org uk>
Subject: Re: [Full-disclosure] viruses being sent to this list
Date: Wed, 24 Mar 2004 14:34:33 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As I got a response from the managers, I am happy. And I took it
off-list.

They asked for us to send any responses to them directly rather than
on-list, and I did. However, this has now become a different thread,
so I will try and contribute.

The samples below could have been detected by any AV using
signatures alone. Thus, without any heuristics, not risking false
positives or requiring more time spent on moderation.

I don't use any AV software. Don't need it.

And I appreciate getting virii from this list (No! seriously!) and
several other lists I participate in because it gives me the
opportunity to examine and collect examples of what's out there.

If anything, it should help out on moderating all the viruses that get
sent from off-list addresses, by saving time, and with no risk of new
stuff not getting to the list due to a false positive.

How would you filter against off-list addresses that are obviously
spoofed?  Limit the list's traffic to members only?

Also, it might be a good idea to amend the list's charter to include
an "if you use this list, it is under your own blah blah and viruses
get sent, blah blah". For future protection.

In other words:

"You're an adult. Try 1) thinking; and 2) simply becoming responsible
for yourself."



- John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAYbccQEDQWvlbVLkRAiM4AJwMJcvnj+oMQLwXDka55X/tBvEN9ACcDEbw
1/Xw3SiUxMgC5oxKEQapXwo=
=KrXf
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault