Re: filtering active content

A patch has been available that would fix SirCam *and* most other
address-book viruses for a *year*, and we're still getting hosed by it.


I'm told SirCam doesn't look directly in the address book; instead it 
searches for email addresses in stored messages and web cache files.

That is why the IETF discussion list is getting hit harder by it than 
Melissa or ILOVEYOU or their ilk caused.

Also, SirCam finds your SMTP server and opens a direct connection to 
port 25 of that host, bypassing Outlook spool guards.

CodeRed wakes up in about 47 hours ... I'll bet most of the 300K 
machines that got hacked are still unpatched and still infected.


I agree.  At least it doesn't cause spew on the IETF list.  Speaking 
of prevention measures, is there anything in i386 architecture which 
can prevetn execution of code on the stack, or is that exclusive to 
SPARCitecture?

Cheers,
James

<Prev in Thread]	Current Thread	[Next in Thread>
Re: filtering active content, (continued) Re: filtering active content, John Martin Re: filtering active content, J. Noel Chiappa Re: filtering active content, Vernon Schryver Re: filtering active content, Keith Moore Re: filtering active content, Vernon Schryver Re: filtering active content, Keith Moore Re: filtering active content, Vernon Schryver RE: filtering active content, David Lemson RE: filtering active content, James P. Salsman Re: filtering active content, Valdis . Kletnieks Re: filtering active content, James P. Salsman <= Re: filtering active content, Francis Dupont Re: filtering active content, Ari Ollikainen

Previous by Date:	Re: filtering active content, Valdis . Kletnieks
Next by Date:	Re: filtering active content, Ari Ollikainen
Previous by Thread:	Re: filtering active content, Valdis . Kletnieks
Next by Thread:	Re: filtering active content, Francis Dupont
Indexes:	[Date] [Thread] [Top] [All Lists]