Hi Joshi :)
Hmmm... First of all... most of this august group (and I don't use that
adjective in jest) are very much internet savvy (even if I can't spell it!
hehe) Take a look at some of the work done by some of these people
(Wirt's site has some really great papers and research on it!)
Secondly, Patrick is using a form of 'masking' his email.... Do you
really think anyone at Google is checking who gets these email accounts?
[log in to unmask] is basically no different than Hotmail.com or
yahoo.com (you just get more storage space). Email savvy people know that
the harvesting is done... but... it is even easier to just couple a name
dictionary roster with 'yahoo.com' and hotmail.com and gmail.com to create
a good spam list.... Why do you think my GMail account is not just a name?
To quote a InfoSec Mentor of mine: "Best Practices Baby, Best Practices"
The other interesting thing here is that you lecture about giving out
email addresses... when we really don't even know where Patrick works...
(unless I missed it, I miss alot hehe) Yet, we have helped him alot without
giving him the "keys to the kingdom"! We know better than to do that on
the World Wild Web... too many bad guys out there trolling for that kind of
info...
The gateway is going to be back up soon it looks like.. and personally?
I don't mind a bit of exposure of my readily guessable email address as a
result... I got a delete key and several layers of email defenses between
the spammer and my inbox... Can you say Quarantine Process and Heuristic
(sp) based willowing of emails?
Remember, Defense in Depth is the watch word of the day...
Art "Still trying to get my talk picked for HP World hehehe " Bahrs
=======================================================
Art Bahrs, CISSP Information Security The Regence Group
(503) 553-1425 FAX (503) 553-1453
"Joshi B."
<joshi@IMMERMA
IL.COM> To
Sent by: [log in to unmask]
"HP-3000 cc
Systems
Discussion" Subject
<HP3000-L@RAVE Re: [HP3000-L] [OT] List etiquette
N.UTC.EDU>
02/26/2005
06:18 AM
Please respond
to
"Joshi B."
<joshi@IMMERMA
IL.COM>
|------------|
| [ ] Secure |
| E-mail |
|------------|
On Fri, 25 Feb 2005 11:44:00 -0500, Patrick Burleson <[log in to unmask]>
wrote:
>Hello,
>
>I just want to ask something about the etiquette of this list. Is it
>the general practice to only discuss in private? Is it ok to reply
>back and include the list? Just wondering.
>
>Thanks,
>Patrick
>
One thing you might want to be aware of is that your name and email
are getting relayed to the comp.sys.hp.mpe usenet group when you reply
to the list. Groups like that are regularly harvested for spam lists
by things called spambots. Anyone who puts information like that
out in the clear is nuts.
The gateway between the list and the group has been quite sick for a
while, and apparently will be shut down entirely. But it has been
quite reliable at sending messages from the list to the group, allowing
valid email addresses to be exposed. Since the people who use the list
aren't generally internet savey, maybe it's for the best that the
gateway die.
-J
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
=============================================================================
IMPORTANT NOTICE: This communication, including any attachment, contains information that may be confidential or privileged, and is intended solely for the entity or individual to whom it is addressed. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message is strictly prohibited. Nothing in this email, including any attachment, is intended to be a legally binding signature.
=============================================================================
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|
