Administrivia: Spam threads
From: Marc Fossi (mfossi_at_securityfocus.com)
Date: 08/06/03
- Previous message: Presley, Steve: "RE: Exchange 2000 out of office"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 6 Aug 2003 13:18:03 -0600 (MDT) To: Focus-MS <focus-ms@securityfocus.com>
I think that both the thread on OOO replies and the Digital Impact one are
now closed. I knew they would both drift off-topic, but decided to allow
them because the initial discussion did have to do with security.
On a side note, I'm surprised that nobody mentioned the social engineering
side-effect of OOO replies. Some of the ones I get when I post to the
list have detailed information on who to contact while the person is away,
including office phone #'s, cell #'s, pager #'s and so on. Some even go
so far as to say where the person is going to be while they're away.
Never underestimate information disclosure. I once had a poster to this
list ask me to remove a post they had made from the list archive. Seems
the pen-testers their company hired used info from the post to compromise
the network...
Cheers,
Marc Fossi
Symantec Corp.
www.symantec.com
---------------------------------------------------------------------------
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
---------------------------------------------------------------------------
- Previous message: Presley, Steve: "RE: Exchange 2000 out of office"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
