Hi
On Sat, Mar 24, 2007 at 09:21:01AM -0400, Matthew Rubenstein wrote:
> The Skype network is circulating a virus that has appeared there
> before:
> http://www.informationweek.com/news/showArticle.jhtml?articleID=198500135 .
> The virus sends a URL to other Skype users in the infected user's
> contacts, which the target Skype displays as clickable. Clicking
> downloads the virus.
This is not a "skype virus" per se. Skype's instant messaging is used
to transfer the URL of the file. According to the description, the user
even has to confirm the execution of the program.
If there is an issue here it is with the user interface of the client
program or with other parts of the client system. No inherent feature of
Skype's protocol is used here.
Otherwise it is yet another variation of the "stupid programmer
virus" ("I'm a programmer from ___. In my country we're still primitive
and don't know how to write viruses. So when you get this message, please
delete some important files and send this message to all the people in
your contacts list").
Variations on this theme have been available for just about any instant
messaging service.
> Asterisk supports features like these,
Sadly, not enough,
> in combination with certain
> clients (which aren't themselves Asterisk), including IM and URL
> redirection. Any reports of this kind of attack on Asterisk itself,
> or using Asterisk to support those potentially vulnerable clients?
This is a purely client issue. Asterisk cannot be expected to filter
URLs passing through it (and even if someone would be foolish enough to
try to do that, there are enough ways around this. Not the least of them
is some trivial javascript redirection).
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir@jabber.org
+972-50-7952406 mailto:tzafrir.cohen@xorcom.com
http://www.xorcom.com iax:guest@local.xorcom.com/tzafrir