[Esa-l] Over sensitive poisoning

John D. Hardin jhardin at wolfenet.com
Wed Aug 2 21:15:43 PDT 2000


On Wed, 2 Aug 2000, Dave Clendenan wrote:

> I think I must have missed something in the original
> discussion of this, because it seems to me that it's
> rather redundant to poison 
> 'filename.[safe_extension].[extension_we're_mangling_anyway]'

Point to consider: filename mangling does not prevent the user from
unmangling the filename. Poisoning something obviously bad like
EXPLOIT.TXT.VBS keeps it from being delivered at all.

--
 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin at wolfenet.com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
				-- Peter da Silva in a.s.r
-----------------------------------------------------------------------
   88 days until Daylight Savings Time ends





More information about the esd-l mailing list