new nasty email virus trick to bypass scanners

Mike Tancsa mike at sentex.net
Thu Dec 4 03:31:36 UTC 2003


At 09:53 PM 03/12/2003, Jamie Reid wrote:

>If an attacker can convince a user to do anything, all bets
>are off.
>
>It is conceptually similar to using SSL to evade a network IDS.
>
>This is also an intrusion test trick. As system owners, there
>is only so much we can do to prevent and detect compromises.
>What matters is how we respond.

True enough.  However, we also have to protect naive and vulnerable users 
to some degree.  Think about elderly folk.  They are not necessarily as 
quick to spot the scam. The ability to stop the virus before it gets to 
them is important.

The other thing that worries me is that, for those who rely on their ISP to
scan for viruses, a false sense of security can come into play.  In the case of
these types of email viruses, the user might think the file is OK because 
it was scanned.

         ---Mike




More information about the NANOG mailing list