On Thu, 22 Apr 2010 17:56:48 +0700 sonjaya <sonj...@gmail.com> wrote:
> Length: 1516336 (1.4M), 1139856 (1.1M) remaining
>
> 24% [================>
> ] 376,480 38.8K/s in 9.6s
>
> 2010-04-22 17:53:34 (38.1 KB/s) - Data connection: Connection reset by
> peer; Control connection closed.
> Retrying.
>
>
> then i check in sonicwall
>
> 12 UTC 04/22/2010 10:52:56.032 Alert Security Services Gateway
> Anti-Virus Alert: Mytob.Crypter (Worm) blocked 78.41.115.130, 51671,
> X3 192.168.xxx.10, 13305, X5
>
> ha ha so the trouble maker is sonicwall ....
Signature based detection has always been flawed, and worse, as the
volume of malware increases, so does the number of "illegal" byte
sequences. The result is obvious; more and more stuff will be blocked
due to false positives.
Using encryption (ssh, scp, ssl) is a way around this problem, and if
it does happen when using encryption, then just change to using a
different cypher (resulting in a different byte sequence).
jcr
--
The OpenBSD Journal - http://www.undeadly.org
