[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] .hta virus analysys

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] .hta virus analysys
From: Nick FitzGerald <nick@virus-l.demon.co.uk>
Date: Thu, 20 Nov 2003 17:28:46 +1300

bryce <lord_ph@comcast.net> wrote:

> I'm new to this list, and sorta new to security on a computer. But can 
> someone tell me what program runs a .hta file??

If you have to ask that then you really shouldn't even be thinking of 
"playing with it" should you?

I suggest that this is an example of a very good reason to _not_ allow 
messages with such attachments (though having the mail server 
distinguish them from other "possibly acceptable" atatchments such as C 
or PERL PoCs and the like would be non-trivial...).

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] .hta virus analysys
  - From: madsaxon <madsaxon@direcway.com>

References:
- [Full-Disclosure] .hta virus analysys
  - From: "Jim Duggan" <on_a_thousand@hotmail.com>
- Re: [Full-Disclosure] .hta virus analysys
  - From: bryce <lord_ph@comcast.net>

Prev by Date: Re: [Full-Disclosure] Another noxious M$ trojan
Next by Date: Re: [Full-Disclosure] Another noxious M$ trojan
Previous by thread: Re: [Full-Disclosure] .hta virus analysys
Next by thread: Re: [Full-Disclosure] .hta virus analysys
Index(es):
- Date
- Thread