OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Can A Web Site Be Reliably Defended Against DoS Attacks?

[ Lists Home | Date Index | Thread Index ]

On Thu, 2004-02-05 at 09:16, jcowan@reutershealth.com wrote:
> Dare Obasanjo scripsit:
> > Short of creating a mail client and server that prevented people from
> > receiving mail attachments, how would you solve the problem exploited
> > by this current virus on any one of the popular operating systems
> > existing today?
> 1) Don't allow executables to be run directly out of mail messages or archives
> contained in mail messages (or perhaps any archives at all).

> 2) Use something other than full-bore executables for screensavers (X has this
> problem too, unfortunately)
> 3) "Friends don't let friends run as root."
> 4) Modify the SMTP servers used by ISPs (and their government and academic
> equivalents) so they don't accept incoming mail directly from IPs assigned to
> customers of other ISPs (the MAPS DUL list is an example of this).
this has problems for highly mobile users - which we have lots of, and
the reverse addressing stuff doesn't work too well because i can sit at
home on my domain - zenucom.com, attached from a dynamic ip address that
reverses as iprimus, (forward iserver.zenucom.com resolves to the
dynamic address), and i don't really want to route everything through my
main server because fixed ip address services in australia cost from
10c/Mbyte upwards depending on speed.

gets worse when i go to china.....

a penny an email might work .... particularly if you run your own mail
server. for a change i get paid to receive mail, although i think that
scheme should charge the sender based on the message cost plus a margin,
min charge 1 penny - like our 1900 telephone services

i don't see opt in mail as a solution because we already have problems
with spoofed email addresses.

and vpn's don't help because they have to accept all traffic before they
start filtering ....



News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS