Re: [ISN] Linux: Testing, Security Concerns Raised (fwd)

From: Curt Bryson (NTI) (cbrysonTELEPORT.COM)
Date: Thu May 04 2000 - 15:07:44 CDT


Tad overdramatic dontchya think? DOGS AND CATS LIVING TOGETHER! TOTAL
ANARCHY!

Hehehe, seriously tho, I fail to see why Microsoft won't put in a simple
control to deactivate ALL dynamic content. Users can disable html on the
OUTBOUND side, but why can't they turn off all the so-called "convenience"
features that are causing the types of problems on the INBOUND side?
Short-sightedness. Guess I run Unix for the next couple days 'till everyone
gets their systems virus scanned <sigh>.

To answer your question:
That same guy who thought sending arbitrary commands to sendmail using high
char strings got fired, went to microsoft, and convinced them of the need to
have emails that would run scripting languages.

Curt Bryson
Computer Forensics/Internet Investigations Consultant

New Technologies, Inc.
2075 North East Division
Post Office Box 929
Gresham, Oregon
97030

mailto://curtforensics-intl.com
http://www.forensics-intl.com
Phone: (503) 661-6912
Fax: (503) 674-9145


-----Original Message-----
From: ISN Mailing List [mailto:ISNSECURITYFOCUS.COM]On Behalf Of Jamie
McCarthy
Sent: Thursday, May 04, 2000 7:23 AM
To: ISNSECURITYFOCUS.COM
Subject: Re: [ISN] Linux: Testing, Security Concerns Raised (fwd)

Are you guys still arguing about "Piranha," an obscure utility for
Red Hat whose default password a few newbie sysadmins might not have
changed?

Meanwhile, another Melissa-style virus is rampaging through Asia,
Europe and America, crashing SMTP servers, flooding T1 lines,
apparently taking down an ISP referenced in its source code
(skyinet.net), and causing panic in investment banks and other
professional corporations worldwide:

http://msnbc.com/news/403350.asp

   May 4 - A computer virus spread by e-mail messages titled
   "ILOVEYOU" infected Asian, European and American computers today,
   apparently hitting public relations firms and investment banks in
   Asia particularly hard.

Are you really still arguing that "quality control" is weak on Linux,
even while thousands of sysadmins are beating their heads against the
wall because of Microsoft's infantile and inadequate email security?
(Who decided that executing scripts from email would be a good idea?)

Are we _still_ pointing the finger at "Piranha" while the net
collapses in flames around us?
--
        Jamie McCarthy
        jamiemccarthy.org
 http://jamie.mccarthy.org/

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERVSecurityFocus.com with a message body of
"SIGNOFF ISN".
