[35391] in bugtraq
Re: Is predictable spam filtering a vulnerability?
daemon@ATHENA.MIT.EDU (Bill Burge)
Sun Jun 20 11:29:28 2004
Message-ID: <200406181151000530.052DC75B@sendmail.burge.com>
In-Reply-To: <20040617172700.GA21370@eip.bitnux.com>
Date: Fri, 18 Jun 2004 11:51:00 -0700
Reply-To: Bill@Burge.com
From: "Bill Burge" <bill@Burge.com>
To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 8bit
This is nothing new to spam filtering. Any dynamic/proactive filter mechanism is subject to the sam shenanigans.
This has been a "feature" of IntrusionPreventionSystems since they came out. Spoof an attack from an IP you want to be denied, and the IDS updates the ruleset on the firewall (what a IPS really is, an IDS talking to a firewall) and that third party can't get past that perimeter.
bburge
someguy who does this kinda stuff
*********** REPLY SEPARATOR ***********
On 6/17/2004 at 7:27 PM Joel Eriksson wrote:
>On Wed, Jun 16, 2004 at 01:26:28PM +0200, R Armiento wrote:
>[snip]
>> For example: attacker 'A' sends 'B' a social engineering request
>> for "the secret plans" and says "if you are unsure, forward my
>> request to your boss and ask if this is okay". 'B' forwards the
>> email to his boss 'C' and asks "Is this okay?". However, 'C':s
>> spam filter silently drops the email. 'A' forges a reply from
>> 'C' saying: "Sure, no problem, go ahead."
>
>Many will probably discard the above as farfetched or ignore it
>since it's not a "real" vulnerability that gives remote root to
>the attacker, I think it's beautiful though. :)
>
>Security is a state of mind, a way of thinking. Vulnerabilities
>are all around us and the one you point out above is certainly
>one of them.
>
>> Regards,
>> R. Armiento
>
>--
>Best Regards,
> Joel Eriksson
>-------------------------------------------------
>Cellphone: +46-70 228 64 16 Home: +46-26-10 23 37
>Security Research & Systems Development at Bitnux
>PGP Key Server pgp.mit.edu, PGP Key ID 0x08811B44
>DF38 5806 0EFB 196E E4B6 34B5 4C01 73BB 0881 1B44
>-------------------------------------------------
