[govsec] Morris Worm and a Change in Direction

jmetz at intac.com jmetz at intac.com
Fri Nov 5 17:29:14 EST 2004


You are looking at the situation as an individual user, I was suggesting
that the mail server do the conversion. The user and sender become
ir-relevant to the process.

The user would only see the end product the message. In the conversion the
senders method is or would be of no consequence because it would be
stopped and converted to a safe message prior to delivery.

As I stated before the mail server would be considered a sacrificial lamb
with an appropriate amount of redundancy that nothing would be lost

The idea of security is to prevent the user from being able to place
themselves in a vulnerable position, that would mean that officials would
only be allowed to use the .gov mail system ,web mail yahoo ,google and
the like would not be allowed for officialdom or any contractors while on
the job.

You simply bar the door from the web mail or personal mail servers so that
the ips are not accessible while on or near government property

Anyone who violates that basic security should be terminated the same
thing with instant messengers, the portals should be blocked while on
federal property or on any governmental computer.

If the ports are blocked properly the the intruders can't get in to wreck
havoc

If the user has no way to violate security then the systems are kept secure

It always comes down to what price security,,



> On Fri, 05 Nov 2004, jmetz at intac.com wrote:
>
>>
>>
>> one question bothers me in almost every situation all mail (to any
>> Governmental officer)  is considered either questionable or often non
>> deliverable to the intended recipient mostly this has been because of
>> the
>> potential of virus/worm delivery.
>>
>> Yet in all the years of Email no one has ever considered mail conversion
>> prior to delivery.
>>
>> Why has no one ever setup a system of conversion to pdf  in the mail
>> system.
>> This would be one way to insure that real information would be
>> transfered
>> no matter how it was sent.
>>
>> A stand alone mail Gateway which automaticly strips all mail html or
>> plain
>> text ( oe even preexisting PDF converting it to pdf and then
>> transposting
>> it to the intended recepient would prevent most worms/virus from ever
>> getting through.
>
> I don't see how it can be a solution. People who use bogus email client
> like Outlook Express to display html mails will maybe use a bogus pdf
> viewer. The problem is not with HTML or PDF, it's with people who use
> vulnerable programs, and in a good email client an HTML message is not
> supposed to be able to run a program.
>
> --
> gpg fp: 8a7e 9719 b38d 97c6 6af0  d345 12a0 3708 2c8c 3c11
> http://boklm.mars-attacks.org/
> _______________________________________________
> govsec mailing list
> govsec at attrition.org
> http://www.attrition.org/mailman/listinfo/govsec
>



More information about the govsec mailing list