Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Backdoor not recognized by Kaspersky
From: Alexander MacLennan <maclenna () cs curtin edu au>
Date: Thu, 04 Mar 2004 11:47:46 +0800

rm -rf /

that should do it

Nick FitzGerald wrote:

Ron DuFresne <dufresne () winternet com> wrote:


how about the smtp server simply rejecting mail from spoofed hosts ?
as all the viruses generate spoofed hosts and it is very easy for any
smtp server to do a dns lookup on the sending server, if the hostname
/ ip address do not match reject the message.

Finally some sanity marks this thread!


"sanity"??

Care to define the "nearly foolproof" "spoofed hosts detection" algorithm that will not have an unbearably high false-positive rejection rate??


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



!DSPAM:4046a529202801981333611!






_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]