Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Re: RFC: virus handling

Re: RFC: virus handling

From: Patrick Proniewski <patpro_at_patpro.net>
Date: Wed, 28 Jan 2004 19:24:52 +0100

On 28 janv. 2004, at 16:45, Thomas Zehetbauer wrote:

> Looking at the current outbreak of the Mydoom.A worm I would like to
> share and discuss some thoughts:

You bring some definitely interesting points here.

I agree with your 1) and 2), but 3) rises some technical concern

> 3.1.2.) e-mail Alias and Web-Interface
> Additionally providers should provide e-mail aliases for the IP
> addresses of their customers (eg. customer at 127.0.0.1 can be reached
> via 127.0.0.1_at_provider.com) or a web interface with similiar
> functionality. The latter should be provided when dynamically assigned
> IP addresses are used for which an additional timestamp is required.

could be a really good idea, if not so easy to use for spammers or even
for virii. The moment you setup such a service, spammers/virus coder
will write a script that can reach every single user with an active
connexion. It's a really major drawback I think.

patpro 

-- 
je cherche un poste d'admin-sys Mac/UNIX
(ou une jeune et jolie femme riche)
http://patpro.net/cv.php
Received on Feb 03 2004
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos