Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Backdoor not recognized by Kaspersky
From: Gregor Lawatscheck <gpel () mpex net>
Date: Wed, 03 Mar 2004 20:11:22 +0100

Cael Abal wrote:

Historically, passworded .zip files have been the only remotely
acceptable way to e-mail executables.  I'm hesitant to give that up.

ACK. Some AV vendors even request samples of exectuables in passworded zips.

I'd still rather allow all passworded .zips and rely on the client's AV
to nab it.

People using pgp / gpg to exchange executables between them would possibly be the way to go. Then again people who have heard about p/gpg aren't the ones who click on executables randomly anyway. There's still an education issue with new Internet users of which there seem to thousands a day who fall for these worms. After all there are driver licenses for normal highways but none for the "information super highway".

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]