On Wednesday, September 22, 2004, 10:02:56 AM, David Hooton wrote:
On Wed, 22 Sep 2004 10:32:47 -0500, Matthew Wilson matthew@boomer.com wrote:
Also, what if the exploit is multi-stage, and tries to infect actual http servers with infected JPEGs, and thousands of websites become infected...? Would it then be necessary to create a separate SURBL list for these infected domains, or could they be listed in, say, the phishing list?
I don't quite follow your logic here, however the phishing list is designed to stop phishing attacks, not exploits. I think I would consider listing a mass mailed URL if it were only a once off but that is just not likely to be the case.
Yes, I don't see it as a phishing issue either. I see it more as a Windows bug (excuse me, a "knowledge base" ;-) that needs to be fixed by Microsoft and Windows users and not really an issue for SURBLs.
Jeff C.