OK. Point taken concerning my first mail on this subject. So now it appears that there are a few of us who do not think attachments should be allowed. An FTP site sounds like a good idea. Cheers,Liam. > ---------- > From: Espinola Jr, Micheal > Sent: 13 February 2001 18:10 > To: '[EMAIL PROTECTED] '; '[EMAIL PROTECTED] '; > '[EMAIL PROTECTED] '; '[EMAIL PROTECTED] '; '[EMAIL PROTECTED] ' > Subject: RE: > > I think that your original email was a bit harsh. This is a public > list > that any one can choose to join and lurk on. > > Just because they joined, dont make them a seasoned professional. > > But, I do agree that this list shouldnt allow attachments. Its > convenient > to see v-cards, but I dont think its neccessary. Certainly any need > to send > someone an attachment doesnt need to go to the entire list. > > And if it does, its likely that it should be hosted on an ftp > somewhere. > > -----Original Message----- > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; > [EMAIL PROTECTED] > Sent: 2/13/01 8:30 AM > Subject: RE: > > Que? > > I was not complaining about the e-mail informing us that is was a > 'nasty > little script'. I was highlighting the point that a mailing list whose > focus is IT Security was used to prolifferate malware. > > Let me see if I have you straight here. OK its nice to see the A.V. > and > content analysis tools you have spent much resource on working as > intended (Cheers for the the sample guys). But you can't seriously be > telling me that the fact that this script was (Apparently/allegedly) > sent to every e-mail address in Mr Rollie's Address Book, and that it > was forwarded on to all of us is a usefull service? > > As one security professional to another. Even if it had no effect on > any > recipient. What would your response be when one of your company's > customers calls up to complain about being sent a virus via e-mail > from > one of your users. Let me see if I can guess.... > > To give you some comfort ( as you are obviosuly concerned for my well > being ) Of course I don't trust attachments. I do examine suspicious > attachments with something a little more sophisticated than Notepad > (or > is that vi). > > My appologies to all on the list. My mail was supposed to address what > I > considered to be a serious issue. My intention was not to flame the > guys > who run this list or to start a flame war on the list. However, I fear > that may be the result. > > Liam. > > > ---------- > > From: Bill Royds > > Sent: 13 February 2001 13:00 > > To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; > [EMAIL PROTECTED]; > > [EMAIL PROTECTED] > > Subject: RE: > > > > Actually that message was very useful to me. It gave me early > warning > > about the virus by showing that it leaked through our email > anti-virus > > and the code gave me some strings to scan for on our IDS. > > As a security professional, I never execute anything I get in > email, > > but I do examine it with text only tools to look for problems. Don't > > you > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > [EMAIL PROTECTED] > > Sent: Tuesday, February 13, 2001 06:03 > > To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] > > Subject: RE: > > Importance: High > > > > > > I have to say that it is a pretty sad state of affairs when a > mailing > > list that is dedicated to IT security issues falls foul of this type > > of > > problem. > > > > Is there any need to allow attachments on this forum? > > > > I assume that there is some form of content analysis performed on > the > > traffic through this list.....? > > > > I would assume that most people on this list have some form of > content > > analyser implemented on their mail gateway. I would further assume > > that > > if you were not covered when the first VBS was distributed then you > > were > > pretty soon afterwards ( weren't you? ). This is the responsible > thing > > to do. I am sure that the guys who run this list would think so too. > > > > > I know that this list is run (pretty smoothly) as a free service to > us > > and the relevant T&Cs are in place, but people have been put on RBL > > for > > less. Is there a cheep and simple method you guys could implement by > > which attachments could be prohibited on this list? > > > > Cheers,Liam. > > > > > > > > > > > > > > > > > > > > > ---------- > > > From: Matt Rogghe > > > Sent: 12 February 2001 20:55 > > > To: 'Gary Rollie'; [EMAIL PROTECTED] > > > > > > That last post to here was a nasty little replicator script. > Looks > > > like > > > it's just hitting the global address list so far on the exchange > > > server. > > > - > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with > > > "unsubscribe firewalls" in the body of the message.] > > > > > - > > [To unsubscribe, send mail to [EMAIL PROTECTED] with > > "unsubscribe firewalls" in the body of the message.] > > > - > [To unsubscribe, send mail to [EMAIL PROTECTED] with > "unsubscribe firewalls" in the body of the message.] > - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
