Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Jkuperus <jkuperus () planet nl>
From: James Riden <j.riden () massey ac nz>
Date: Sun, 10 Oct 2004 11:37:30 +1300

"Vince Able" <we_hate_vince () hotmail com> writes:

   Can anyone tell me why this idiot keeps trying to send the group
   kiddies script worms/viruses.

Even on a list like bugtraq, you're likely to get PoCs and worse sent
- you probably shouldn't read a security list on a platform which you
think may be vulnerable - e.g. use a UNIX flavour, or a MUA which you
are sure won't auto-execute anything, or make sure your AV and patches
are up-to-date (or all three :).

Besides, most email-borne viruses forge the sender these days, so it's
likely to have come from a different infected computer which has both
the FD list and the purported senders addresses on it. Check the
Received headers to find out exactly where it's originated.

James Riden / j.riden () massey ac nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]