I'm a little fuzzy about this part...how do you prevent people from accepting HTML mail, and considering how many mail clients out there send it by default, what do you do when all of a sudden a large percentage of people can't email you anymore? -----Original Message----- From: Whiteside, Larry [contractor] [mailto:BAE14at_private] Sent: Thursday, May 22, 2003 3:31 PM To: Matt LaFelero Cc: incidentsat_private Subject: RE: Possible Intrusion Attempt? <snip> my 2 cents: You should first stop allowing HTML email. That is one of the easiest ways for arbitrary code to be executed on your host. Then you should revamp your security program to teach your users not to open things from unknown sources. As long as you allow HTML email, you can be subject to this type of attack. <snip> ---------------------------------------------------------------------------- *** Wireless LAN Policies for Security & Management - NEW White Paper *** Just like wired networks, wireless LANs require network security policies that are enforced to protect WLANs from known vulnerabilities and threats. Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs. To get your FREE white paper visit us at: http://www.securityfocus.com/AirDefense-incidents ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Sun May 25 2003 - 21:53:25 PDT