Re: [Full-Disclosure] viruses being sent to this list
From: Nick FitzGerald (nick_at_virus-l.demon.co.uk)
Date: 03/23/04
- Previous message: Denis Dimick: "Re: [Full-Disclosure] Re: pgp passphrase"
- In reply to: Gadi Evron: "[Full-Disclosure] viruses being sent to this list"
- Next in thread: Gadi Evron: "Re: [Full-Disclosure] viruses being sent to this list"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Tue, 23 Mar 2004 12:16:15 +1200
Gadi Evron <ge@egotistical.reprehensible.net> wrote:
> Hello all, I kept quiet for a while as this is a not moderated mailing
> list - but enough is enough.
>
> Today's spoof, of an email supposedly coming from me with an infected
> file was a cute trick by whatever kiddie, but doesn't really bother me.
Hmmmmm -- it does seem to have bothered you.
Bagle.N (as it is) has been out for a while now, so I doubt it was
deliberately posted to the list to look as if it were from you. The
odds are extremely high that it got to the list the same way all the
others have -- by running on a machine with the list's address in one
of the multitude of file types Bagle.N searches for possible Email
addresses. No kiddie or personal animosity to you involved...
<<snip>>
> It is also a growing concern among some of us that VX'ers now use this
> list to propagate viruses, once they are out in the wild.
Really?
What evidence do you have of that?
Personally, I'd have thought that targetting a mailing list monitored
and read by a fair cross-section of the top computer security folk
would be an utter waste of effort if the intention was to deliberately
spread a virus (already known or not)...
> Viruses must not be spread, especially on a security mailing list and to
> such a huge audience.
I agree with the sentiment, but the list owners have been pretty
adamant that they will not install any kind of filtering on the list at
all.
> It is my opinion that it is the _duty_ of the list owners to do
> something about this, as it is not only illegal, but it is irresponsible.
Well, it is illegal in some places, and again, although I agree with
you other sentiments, this has been beaten out before and the list
owners seem pretty adamant that they will not install any kind of
filtering (perhaps even to the point where they would shut the list
down rather than bend to such demands?).
> I'd have emailed the list owners privately, ...
You probably should have -- I get the feeling they don't pay a great
deal of attention to it now...
> .. but as I am the latest
> victim of the latest spreading mechanism for viruses - Full-Disclosure,
> I demand and immediate public announcement on what is going to be done
> about this problem.
WHy does this have to be about you? Just get over it -- anyone who
posts publicly will experience something like this a few times. For
example, I typically get several _true_ bounces per day "returning"
some undeliverable virus that has sent itself out as if from me and I'm
sure many others here see the same -- you should kick back a bit, relax
and adjust...
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Denis Dimick: "Re: [Full-Disclosure] Re: pgp passphrase"
- In reply to: Gadi Evron: "[Full-Disclosure] viruses being sent to this list"
- Next in thread: Gadi Evron: "Re: [Full-Disclosure] viruses being sent to this list"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
