Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-Disclosure] Re: E-Mail viruses
From: Nick FitzGerald (nickvirus-l.demon.co.uk)
Date: Mon Mar 08 2004 - 20:21:29 CST
> It's not 3^36, which is multiple billions, it's only 36^3, which is 46,656.
Yes -- that was a transliteration error on my part...
> And only one has to get through to an idiot.
Which is why I suggested that it should not be used across the board,
but further limited to specific, "trustworthy" users who really "must"
be able to send/receive such stuff (of course, in real life there are
immensely fewer of these than there are idiots who believe they are in
that category and unfortunately, scarily many of these idiots have
equally stupid (or even stupider) managers who will insist the idiots
really are "power users"...).
> Anybody else got a mail server that blocked more than that many Netsky's
> this weekend alone? Draw the obvious conclusion here...
> And *that* was why I was dubious as to the real usefulness...
Yes, and that complaint is negated by careful implementation of this by
those who understand it is just another layer that could be useful in
some circumstances. It would be unwieldy in a very large organization
(perhaps like Boeing, DoD, etc) or one (of any size) like a university
where there are strong demands for autonomy and user "freedom" or too
many idiot managers.
Like all security measures, it is as good as its weakest link, and
although there are several opportunities for these in a scheme like
this, that does not mean it still cannot be used effectively _in the
Full-Disclosure - We believe in it.