[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Anyone else notice that Swen is slowing down?



"Karsten M. Self" <kmself@ix.netcom.com> [2003:10:01:07:17:43+0100] scribed:
> on Tue, Sep 30, 2003 at 09:20:25PM -0500, Michael D Schleif (mds@helices.org) wrote:
> > "Karsten M. Self" <kmself@ix.netcom.com> [2003:10:01:00:53:46+0100] scribed:
> > > on Tue, Sep 30, 2003 at 12:11:16PM -0400, Mike Mueller (linux-support@earthlink.net) wrote:
> > > > On Tuesday 30 September 2003 02:05, Karsten M. Self wrote:
> > > > > Seems
> > > > > like about the only way we're going to get a reasonable handle on this
> > > > > barring ISPs refusing to carry executables in email format.
> > > > 
> > > > Hear! Hear!  No more attachments - period.  I'll settle for elimination of 
> > > > any known sort of executable though. 
> > > 
> > > No.
> > > 
> > > Specifically:  executables.  Various other mail 'sploits -- there are
> > > some header buffer overflows, IIRC affecting LookOut -- exist and should
> > > be filtered as well.  But specifically, AUPs against transmission of
> > > executable content, and concomittant filtering, would serve a useful
> > > purpose.  There are opaque formats, from zip to tarball to encrypted
> > > payloads, which can be used by those sufficiently clueful to handle the
> > > task appropriately.
> > > 
> > > MIME attachments of themselves serve many useful functions.  There's an
> > > awful lot of baby in that bathwater.  Starting with the signature on
> > > this message.
> > 
> > I agree, up to a point.
> > 
> > What really constitutes an `executable' program -- surely *not* its file
> > extension ?!?!
> 
> That's one distinction.  Specifically, the set of extensions listed at
> 
>     http://www.linuxquestions.org/questions/archive/8/2003/03/4/51848j
> 
> There's also the binary sequence which begins any Microsoft executable.
> 
> For the current task of restricting transmission of viral mail load by
> agarware such as Outlook, use of either or both criteria in filtering / 
> rejecting mail would work.

Yes, so long as you limit this to Microsoft operating system
executables.  My point is that there are dangerous executables out there
that are *not* Microsoft-specific . . .

-- 
Best Regards,

mds
mds resource
877.596.8237
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--

Attachment: pgpehexHDjYMQ.pgp
Description: PGP signature


Reply to: