Interesting screwup. (was: RE: scary site)

From: Chris Santerre (csanterre@MerchantsOverseas.com)
Date: 03/18/02


From: Chris Santerre <csanterre@MerchantsOverseas.com>
To: security-basics@security-focus.com
Date: Mon, 18 Mar 2002 09:39:33 -0500

Well when I sent this example code, I didn't comment it out. So all of the
virus scanners for people on this list sent me a 'virus found' message. What
is interesting is that 99% of them gave me the email address, domain, name
of anti-virus software, and sometimes even a path!

This could be a potential security problem. Someone could simply send a
virus to this list, and use the resulting virus messages as a beginning
discovery point of a network. I had never thought of this problem. I spend
all that time making my servers as anonymous as possible, but I never
thought about the anti-virus software. Needless to say, I am now :) Has
anyone done anything like this with their antivirus? (I haven't done a
google search yet! 285 emails an counting still!)

-----Original Message-----
From: Chris Santerre [mailto:csanterre@MerchantsOverseas.com]
Sent: Thursday, March 14, 2002 3:31 PM
To: 'Amer Karim'; security-basics@security-focus.com
Subject: RE: scary site

I received the same thing on my Win98se / IE6. NAV said it was evil, but
Calc did NOT come up. But my quick and dirty web code did still get by it.
Only works on Win9x. Here is the code:

*snip code*

The path won't work on NT, but Norton said nothing about this. Also if
anyone knows how to use reg32.dll to call functions, they may be able to
call it here.



Relevant Pages

  • Re: need help
    ... > actually i got rid of the norton anti virus and as soon as i did that i ... >>> problem with this application) or there is a virus in the file but the ... >>> anti-virus program cannot properly remove or process the virus it has ... >>> infected until you have updated your anti-virus software to the latest ...
    (microsoft.public.word.docmanagement)
  • And another one just for fun!
    ... there are more than sixty thousand viruses ... the business of selling anti-virus software or related services! ... A virus is like ... some techno-peasant to orchestrate a viable attack, but it is also true that ...
    (comp.security.misc)
  • And another one just for fun!
    ... there are more than sixty thousand viruses ... the business of selling anti-virus software or related services! ... A virus is like ... some techno-peasant to orchestrate a viable attack, but it is also true that ...
    (alt.computer.security)
  • Re: And another one just for fun!
    ... > the business of selling anti-virus software or related services! ... > It is a given that computer viruses can destroy hardware, software, or ... > courtesy of this virus included, among other things, rental applications, ... > some techno-peasant to orchestrate a viable attack, ...
    (alt.computer.security)
  • Re: And another one just for fun!
    ... > the business of selling anti-virus software or related services! ... > It is a given that computer viruses can destroy hardware, software, or ... > courtesy of this virus included, among other things, rental applications, ... > some techno-peasant to orchestrate a viable attack, ...
    (comp.security.misc)