McAfee PROBLEM !!! (solved)
Chris Yuzik
chris at FRACTALWEB.COM
Mon Mar 8 19:26:25 GMT 2004
As I just wrote in another email, apparently, Kapersky is doing it. Any
idea what their algorithm is?
In an article on The Register
(http://www.theregister.co.uk/content/55/36049.html), it states:
Kaspersky Anti-Virus, for example, can now detect protected Zip
archives, scan the email body for the password and then unpack and
check the attachment for viruses. The new protection is been
delivered alongside new AV signature downloads from the Russian vendor.
Obviously, the easiest way to defeat this would be your #1. Same thing
Yahoo, Network Solutions, and tons of others are using to defeat bots.
Cheers,
Chris
Tristan Rhodes wrote:
>Among the other infinite possibilities...
>
>1) Display a picture of text that is the password.
>
>2) "The password is the last-name of the President of the United States"
>
>3) "To find the password, crack this code!
>Hint: 1=A, 2=B, 3=C, and so on! The password is a single word with no spaces.
>
>Password: 16 1 18 1 4 15 24
>
>MailScanner is a useful tool because Julian looks for ways that his code can be defeated. (Much praise should be given for that!) This idea is one of that would be extremely easy to overcome.
>
>BTW, how many of you actually took the time to decipher the password? See, that is exactly what your users would do as well.
>
>Tristan Rhodes
>
>
>
>>>>shrek-m at GMX.DE 03/06/04 05:19AM >>>
>>>>
>>>>
>Julian Field wrote:
>
>
>
>>And then the virus writers counter it by adding "For extra security, I
>>typed the password backwards". And then you have to try every word
>>backwards as well. It's an arms race you can't possibly win, so
>>there's no
>>point fighting the battle.
>>
>>
>
>
>or:
>
>- type the password in one word:
>p a s s w o r d
>
>- take the first charachter of each line:
>pub
>all
>support
>support
>word
>order
>remenber
>delete
>
>- increasing the mail with garbage
>- ...
>
>--
>shrek-m
>
>
>
More information about the MailScanner
mailing list