Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Happy Independence Day; Impending Storm; Spam Challenge Protocol Pros and Cons SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Happy Independence Day; Impending Storm; Spam Challenge Protocol Pros and Cons
It has been quiet Independence Holiday. It appears most of the mischief makers may be taking a break. Or are they?



Impending Storm



There has been some conversation today that we may have a storm on the horizon. It was suggested that tomorrow could be a bit lively with the announcement of PoC's affecting phpBB, Java exploits and the still lingering Veritas issue. It was suggested by one of our readers that we may want to raise the Alert level just as a wake-up call to our readers. It was decided after much discussion that we are not ready to raise it at this time. We do appreciate all of the feedback from our reader's and the positive input that we received today.



It could be interesting to see what tomorrow will bring. And to see if Kevin will have the honor of raising the yellow flag.



Spam Challenge Protocol Pros and Cons



We received an email today asking for our input on the use of Challenge Protocol to validate an email sender and prevent spam. This particular email was from one of our regular contributors. He has been having a problem with an artificial "denial of service" attack today caused by the use of email addresses from his organization being spoofed.



From his initial email:
"We received tons of challenges to authenticate e-mails sent out (which
we didn't - forged sender addresses!) from a particular product."



I can understand the frustration that this reader is experiencing. I can see the pro's and con's of this type of "validation" and I can see how this could be used to further compromise the reader's email system. I tell my customers to turn off the Auto-reply in their email systems to prevent their email address being used. I also recommend that they turn off the auto notify in their anti-virus software programs what with all of the email spoofing going on today.



So I ask you. What do you think of the use of Challenge Protocol to authenticate emails?





Happy Independence Day to all of my fellow Americans and Happy Monday to everyone else. May we all wake up tomorrow morning to just the normal activity on the net.



Deb Hale


Handler in Duty



haled@pionet.net
Deborah

278 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!