Comment Where was the network security??? (Score 1) 447
Unless they knew the version/brand/etc. of the email client, writing the trojan to use the client machine's existing email client would be a little on the tricky side (unless they were supplied with the info, or retrieved it via some other method), so I'm guessing that they had the trojan send the email itself.... (I'd probably write it that way too)
So does that mean that SMTP outbound was enabled on the firewall (or more to the point, not disabled)?? What other ports are open allowing unrestricted access?
Sure, the users that plugged in the keys are at fault, but a simple rule at the bottom of the firewall rules (deny all to all) and only allowing required services would have stopped this as well.
Then again, I could be wrong.
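Added example, not part of the original comment: a small first-match rule evaluator that compares a permissive egress rule set with one that ends in the "deny all to all" rule the comment describes. All addresses, the mail relay, the proxy and the rule layout are constructed assumptions for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str           # "allow" or "deny"
    src: str              # source CIDR
    dst: str              # destination CIDR
    port: Optional[int]   # None means any port

def decide(rules, src, dst, port, default="allow"):
    """First matching rule wins; `default` applies when nothing matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst)
                and r.port in (None, port)):
            return r.action
    return default

def ends_with_deny_all(rules):
    """True when the last rule is the catch-all 'deny all to all'."""
    return bool(rules) and rules[-1] == Rule("deny", "0.0.0.0/0", "0.0.0.0/0", None)

# Constructed network: workstations 10.0.1.0/24, mail relay 10.0.2.25,
# web proxy 10.0.2.80, external host 203.0.113.10 (documentation range).
WEAK = [
    Rule("deny", "0.0.0.0/0", "10.0.0.0/8", 23),  # one block; the rest falls through
]
HARDENED = [
    Rule("allow", "10.0.2.25/32", "0.0.0.0/0", 25),      # only the relay sends SMTP out
    Rule("allow", "10.0.1.0/24", "10.0.2.25/32", 25),    # workstations hand mail to the relay
    Rule("allow", "10.0.1.0/24", "10.0.2.80/32", 8080),  # workstations browse via the proxy
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", None),        # deny all to all
]

def audit(rules, default="allow"):
    """Report the catch-all check and the verdict for three outbound flows."""
    return {
        "terminal_deny_all": ends_with_deny_all(rules),
        "workstation_direct_smtp": decide(rules, "10.0.1.50", "203.0.113.10", 25, default),
        "relay_smtp": decide(rules, "10.0.2.25", "203.0.113.10", 25, default),
        "workstation_other_port": decide(rules, "10.0.1.50", "203.0.113.10", 6667, default),
    }

if __name__ == "__main__":
    print("weak    :", audit(WEAK))
    print("hardened:", audit(HARDENED))
```

With the catch-all in place, a workstation can no longer open SMTP directly to an outside host, while mail through the relay still flows.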