Re: [Full-Disclosure] Backdoor not recognized by Kaspersky

From: Gregor Lawatscheck (gpel_at_mpex.net)
Date: 03/03/04

  • Next message: Aditya, ALD [Aditya Lalit Deshmukh]: "RE: [Full-Disclosure] Backdoor not recognized by Kaspersky"
    To: full-disclosure@lists.netsys.com
    Date: Wed, 03 Mar 2004 20:11:22 +0100
    
    

    Cael Abal wrote:

    > Historically, passworded .zip files have been the only remotely
    > acceptable way to e-mail executables. I'm hesitant to give that up.

    ACK. Some AV vendors even request samples of exectuables in passworded
    zips.

    > I'd still rather allow all passworded .zips and rely on the client's AV
    > to nab it.

    People using pgp / gpg to exchange executables between them would
    possibly be the way to go. Then again people who have heard about p/gpg
    aren't the ones who click on executables randomly anyway. There's still
    an education issue with new Internet users of which there seem to
    thousands a day who fall for these worms. After all there are driver
    licenses for normal highways but none for the "information super highway".

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Aditya, ALD [Aditya Lalit Deshmukh]: "RE: [Full-Disclosure] Backdoor not recognized by Kaspersky"

    Relevant Pages

    • Re: code and data
      ... The distinction between code and data is arbitrary. ... A program that zips up ... executables treats code as data. ... An interpreter treats data as code. ...
      (comp.programming)
    • Re: OT- Free Usenet Servers
      ... Don't DL executables, and if you DL zips, then run them through the ... did you see the Evening News last week? ... Al Qaeda has been passing messages encrypted in JPEGS... ...
      (alt.autos.toyota)