-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Sep 23, 2003 at 04:16:02PM -0500, Ray wrote: > it seems to me the easiest solution would be for ISPs to have a > policy and software that supported the policy of no .exe .com .src > .pif .bat (etc...) attachments. any email will either be dropped or > have the attachment dropped and replaced with a short explination of > it being against policy and how to make a zip/gz/tar/whatever file if > they really want to send a .exe
That's exactly what we want to do: force the user to open a tarball to figure out what's up. 8:oP Worm writers *will* adapt to this. > perhaps if someone wrote the "don't f*&$ open me"[1] virus and had it > go through a little tutorial about why not to open unknow attachments > have message go something like "I was foolish enough to open the > attachment, and since you are at risk of getting a message from me > with a virus, this attachment has forwarded itsself to you" Eh. The way I handled NIMDA and Code Red was to write a quick little script with the help of an actually clueful MCSE that ran through the apache error.log every hour and used wget to try and exploit the offending machine and wipe the drive. After a week of that, there were only four or five machines left that would go down for a few days, then start trying again for a few minutes until the top of the hour hit and got wiped again. Those morons had to have been reinstalling windows two or three times a week. - -- .''`. Paul Johnson <[EMAIL PROTECTED]> : :' : `. `'` proud Debian admin and user `- Debian - when you have better things to do than fix a system -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/c/psUzgNqloQMwcRAhR1AJ0SP3OECOpB30NpHcYKwY6qPqVKLgCgzbBP +F000Y1ViboizBnhVJTRWNA= =GzSn -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
