Alfa Romeo/Alfa Romeo Digest Archive


Re: Getting Viri sent to me



On Thu, 20 Jun 2002 10:23:44 +0100 Jonathan Coates <jon@domain.elided> wrote:

> An e-mail address I only use for digest posts has been sent 2 infected
> e-mails today.
> 
> This file: "Unknown0392.data" was infected with: "W32.Klez.H@mm" virus.

> These purport to be from vlady and Rosso75.
> Check that you are up to date with anti-virus stuff or upgrade to Linux,
> Mac or MSDos which are less likely to screw up.

this is a good heads up. i've been beating up on another digest (one
where a member or former member has been infected and has been hitting the
digest with ersatz postings.)

the virus that is currently causing all the trouble is klez; there are a
number of variants.

klez is targeted at users of M$ Outlook/Outlook Express

like other viruses, it mines the address book of your mail reader to get
addresses.

unlike other viruses, it sometimes forges both header From: senders and
envelope senders (only sysadmins/mail hackers need to know about the
difference between the two types of sender, really.)

because of the extensive forgery, it can be damn difficult to figure out
where klez came from; you usually end up puzzling over received lines.

please, if you use Outlook to read your email, make sure your anti-virus is
up to date, or buy one (such as symantec/norton) if you don't have one.
also, hit the M$ web site and get your windows and outlook up to date. if
you are running W98 or newer, this is easy, there's a windows update button
in the start menu.

i have seen numerous klez generated emails purporting to be me. i am not
infected; i read email using mahogany on redhat linux. perhaps someday
there will be a virus targeted to me, but not right now. my mail reader is
instructed to not even let me see html format messages (which is where a lot
of the risk comes from).

thanks,
  richard
--
Richard Welty                                         rwelty@domain.elided
Averill Park Networking                                         518-573-7592
              Unix, Linux, IP Network Engineering, Security
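
An added example, not part of the original post: a Python sketch of the "puzzling over received lines" step, which shows the header From: and the envelope sender side by side and finds the first hop recorded by a mail server you trust. The sample message, host names, addresses and the `trusted_hosts` set are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not real traffic). Return-Path carries the envelope sender
# as recorded at final delivery; From: is the header sender shown to the reader.
SAMPLE = """\
Return-Path: <victim-a@example.org>
Received: from mx.list.example (mx.list.example [192.0.2.10])
\tby mail.reader.example with ESMTP id AAA111; Thu, 20 Jun 2002 11:02:09 +0100
Received: from Qzxrt (dialup-77.isp.example [198.51.100.77])
\tby mx.list.example with SMTP id BBB222; Thu, 20 Jun 2002 11:02:01 +0100
Received: from pc.example.net (pc.example.net [203.0.113.5])
\tby relay.example.net with SMTP id CCC333; Thu, 20 Jun 2002 10:00:00 +0100
From: "Some Member" <member-b@example.net>
To: list@list.example
Subject: constructed sample

body
"""

# "from <helo> (<rdns> [<ip>]) by <server>" as written by many MTAs; formats vary.
HOP_RE = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([\d.]+)\]\)\s+by\s+(\S+)")

def received_hops(msg):
    """Return hops oldest-first; each server prepends its own Received line."""
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(value)
        if m:
            hops.append({"helo": m[1], "rdns": m[2], "ip": m[3], "by": m[4]})
    return hops

def analyse(raw, trusted_hosts):
    msg = message_from_string(raw)
    header_from = parseaddr(msg.get("From", ""))[1].lower()
    envelope = parseaddr(msg.get("Return-Path", ""))[1].lower()
    hops = received_hops(msg)
    # Trust boundary: the oldest hop written by a server we trust. Its peer IP
    # was observed by that server; anything older is only what the sender claimed.
    boundary = next((h for h in hops if h["by"] in trusted_hosts), None)
    return {
        "header_from": header_from,
        "envelope_sender": envelope,
        # Differing senders are normal for list mail; neither proves the origin.
        "senders_differ": header_from != envelope,
        "handoff_ip": boundary["ip"] if boundary else None,
        "handoff_helo": boundary["helo"] if boundary else None,
        "unverified_hops": hops.index(boundary) if boundary else len(hops),
    }
```

The `handoff_ip` is the address to report to the responsible ISP, since neither sender field can be relied on.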