Full Disclosure mailing list archives

Re: Re: E-Mail viruses
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Tue, 09 Mar 2004 15:21:29 +1300

Valdis.Kletnieks () vt edu wrote:

> It's not 3^36, which is multiple billions, it's only 36^3, which is 46,656.

Yes -- that was a transliteration error on my part...

> And only one has to get through to an idiot.

Which is why I suggested that it should not be used across the board, 
but further limited to specific, "trustworthy" users who really "must" 
be able to send/receive such stuff (of course, in real life there are 
immensely fewer of these than there are idiots who believe they are in 
that category and unfortunately, scarily many of these idiots have 
equally stupid (or even stupider) managers who will insist the idiots 
really are "power users"...).

> Anybody else got a mail server that blocked more than that many Netsky's
> this weekend alone?  Draw the obvious conclusion here...
>
> And *that* was why I was dubious as to the real usefulness...

Yes, and that complaint is negated by careful implementation of this by 
those who understand it is just another layer that could be useful in 
some circumstances.  It would be unwieldy in a very large organization 
(perhaps like Boeing, DoD, etc) or one (of any size) like a university 
where there are strong demands for autonomy and user "freedom" or too 
many idiot managers.

Like all security measures, it is as good as its weakest link, and 
although there are several opportunities for these in a scheme like 
this, that does not mean it still cannot be used effectively _in the 
right environment_.


Nick FitzGerald

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html