-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On
Behalf Of John T (Lists)Sent: Tuesday, January 31, 2006 7:37
PMTo: Declude.Virus@declude.comSubject: RE:
[Declude.Virus] Encoded viruses...worried
Matt, are you
saying the attachment as Declude would see it is B64, UU, UUE
PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Reimer
Sent: Thursday, February 16, 2006 12:26 PM
To: Declude.Virus@declude.com
Subject: RE: [Declude.Virus]
Encoded viruses...worried
I'm curious. Are people banning BHX, HQX,
UUE, UU, and MIM since the Kapser/Blackmal.E/MyWife.d virus
PROTECTED]]On
Behalf Of John T (Lists)Sent: Tuesday, January 31, 2006
7:37 PMTo: Declude.Virus@declude.comSubject:
RE: [Declude.Virus] Encoded viruses...worried
Matt, are you
saying the attachment as Declude would see it is B64, UU, UUE, MIM, MME,
BHX
@declude.comSubject: Re: [Declude.Virus] Encoded
viruses...worried
Am I the only one that is wondering why there
wouldn't have been an official response to this from Declude?
While I have added the extension listed to block
attachments, (and FProt did detect on all of my instances), when
] On Behalf Of Colbeck, Andrew
Sent: Tuesday, January 31, 2006
6:35 PM
To: Declude.Virus@declude.com
Subject: RE: [Declude.Virus]
Encoded viruses...worried
On the plus side, there are mitigating
circumstances...
First, let me point out that although the
antivirus companies will lag behind the virus
e-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Colbeck,
AndrewSent: Tuesday, January
31, 2006 6:35 PMTo:
Declude.Virus@declude.comSubject: RE: [Declude.Virus] Encoded
viruses...worried
On the plus side,
there are mitigating circumstances...
Fir
ary 31, 2006 6:04 PM
To: Declude.Virus@declude.com
Subject: RE: [Declude.Virus] Encoded viruses...worried
John, the other formats are
common (or, were common) on Macintosh and Unix based systems for binary
attachments and for attached messages. Eudora for Windows used to
expose seve
ary 01, 2006 3:19 PMTo:
Declude.Virus@declude.comSubject: Re: [Declude.Virus] Encoded
viruses...worried
You know, I was going to ask if you would do a search, but I
figured you might do it anyway :) You did leave out the ".uue"
extension, but I doubt that would have changed your results.I
To: Declude.Virus@declude.com
MG Subject: Re: [Declude.Virus] Encodedviruses...worried
MG
MG You know, I was going to ask if you would do a search, but I
MG figured you might do it anyway :) You did leave out the .uue
MG extension, but I doubt that would have changed your results.
MG I
Gufler
Subject: Re: [Declude.Virus] Encoded viruses...worried
Off list - what grep do you use or which is the best for a W32 box?
Wednesday, February 1, 2006, 8:40:19 AM, Markus Gufler [EMAIL PROTECTED]
wrote:
MG
MG
MG I've grep'ed trough the logfiles for the last 7 days on my servers
MG
MG
Brown
Sent: Wednesday, February 01, 2006 7:24 AM
To: Markus Gufler
Subject: Re: [Declude.Virus] Encoded viruses...worried
Off list - what grep do you use or which is the best for a W32 box?
Wednesday, February 1, 2006, 8:40:19 AM, Markus Gufler
[EMAIL PROTECTED] wrote:
MG
MG
MG
al Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Don Brown
Sent: Wednesday, February 01, 2006 7:24 AM
To: Markus Gufler
Subject: Re: [Declude.Virus] Encoded viruses...worried
Off list - what grep do you use or which is the best for a W32 box?
Wednesday, February
Excellent.
Thanks Bill -
-Nick
Bill Landry wrote:
Nick, I put this together quite some
time ago and have sent it to people upon request. Hopefully posting it
here will make it more widely accessible. At least it can point you to
some tutorials and give you a sampling of how
Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Markus Gufler
Sent: Wednesday, February 01, 2006 6:40 AM
To: Declude.Virus@declude.com
Subject: RE: [Declude.Virus]
Encoded viruses...worried
I've grep'ed trough the logfiles for the
last 7 days on my servers
2981 lines has
Someone just reported to me that MyWife.d (McAfee)/Kapser.A
(F-Prot)/Blackmal.E (Symantec)/etc., has a 3rd of the month payload
that will overwrite a bunch of files. It's really nasty. More can be
found at these links:
http://isc.sans.org/diary.php?storyid=1067
:[EMAIL PROTECTED] On
Behalf Of Matt
Sent: Tuesday, January 31, 2006 4:50 PM
To: Declude.Virus@declude.com
Subject: [Declude.Virus] Encoded
viruses...worried
Someone just reported to me that MyWife.d
(McAfee)/Kapser.A (F-Prot)/Blackmal.E (Symantec)/etc., has a 3rd of the month
payload
, January 31, 2006 5:37 PM
To: Declude.Virus@declude.com
Subject: RE: [Declude.Virus]
Encoded viruses...worried
Matt, are you saying the attachment as
Declude would see it is B64, UU, UUE, MIM, MME, BHX and HQX? If that is so,
what harm would be in blocking those for now?
John T
eServices
, 2006 5:44 PMTo:
Declude.Virus@declude.comSubject: RE: [Declude.Virus] Encoded
viruses...worried
Actually, I am
already blocking hqz and uue so I went and added the others and will see what
happens.
John
T
eServices For
You
"Seek, and ye shall
omogeneous Windows user
base.
and that'sa wrapfor
tonight.
Andrew 8)
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Colbeck,
AndrewSent: Tuesday, January 31, 2006 6:04 PMTo:
Declude.Virus@declude.comSubject: RE: [Declude.Virus] Encoded
viruses...worried
19 matches
Mail list logo