Odd spam / virus - comments ?

Valdis.Kletnieks at vt.edu
Tue Mar 26 16:23:33 UTC 2002


On Tue, 26 Mar 2002 09:13:08 EST, "Steven M. Bellovin" said:

> There are worms out there (such as Nimda.E) that use Outlook address books
> not just for lists of victims, but also as "From:" addresses.  In other
> words, your involvement might be having sent email to someone else who 
> is infected.

An important addendum here - "having sent mail" includes posting to a mailing
list that has a subscriber.  I've gotten a lot of complaints because the
actual perpetrator was a subscriber to NANOG or IETF or one of the many
SecurityFocus mailing lists I post to.  And once you take the union of
*all* those lists, you start hitting the "birthday paradox" - it becomes
*very* likely that if you and the recipient know each other (by virtue
of being in the computer industry) that a third party has seen mail from
both of you.

Another way to look at it is that the "6 degrees" game can easily drop
2 or 3 degrees *really* fast if you allow "A and B both subscribe to the
same mailing list" as a connection.
-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech
