If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Ok, Who's got the virus?
Somone on .chips has a virus and has been sending it out at a prodigious rate. I just received a warning from someone (sans virus) with an address list that looks like a who's who of ..chips. I'm getting hit about once a minute. The virus is about 150K so that's a lot of crap! ...and that's after setting up a picket of filters on the server! -- Keith |
#2
|
|||
|
|||
"Keith R. Williams" wrote in message
. .. Somone on .chips has a virus and has been sending it out at a prodigious rate. I just received a warning from someone (sans virus) with an address list that looks like a who's who of .chips. I'm getting hit about once a minute. The virus is about 150K so that's a lot of crap! ...and that's after setting up a picket of filters on the server! Yeah, my junk email account (Yahoo) has sent me a warning that my mail box is getting close to its max because of all of wave of mail coming in, and that after that I won't be able to receive emails. No big deal to me, I did setup that account to filter out my spam mail, and if it shuts down temporarily, then that simply means fewer viruses entering it. :-) Most of the mails I seem to be getting are those fake Microsoft patch emails. "Oh please install this attachment in this totally unsolicited but very official looking Microsoft email, it's a patch that'll help you". :-) Yousuf Khan |
#3
|
|||
|
|||
On Fri, 19 Sep 2003 16:24:11 GMT, Will Dormann
wrote: snip I guess one of the reasons that this one is so widely spread is that it doesn't solely rely on user stupidity (opening attachment), but rather it also incorporates an incorrect MIME header exploit so that it automatically executes upon previewing the message in Microsoft Outlook / Outlook Express. I am sure there are people with good business reasons for using Microsoft Outlook / Outlook Express, like the company requires them to. Other than that, I would include continuing use of that software in the category of user stupidity, given what's out there right now. I have what I regard as good business reasons for using Windows at all, but I'm reevaluating. RM |
#4
|
|||
|
|||
Keith R. Williams wrote:
Somone on .chips has a virus and has been sending it out at a prodigious rate. I just received a warning from someone (sans virus) with an address list that looks like a who's who of .chips. I'm getting hit about once a minute. The virus is about 150K so that's a lot of crap! ...and that's after setting up a picket of filters on the server! Once a minute... If I were only so lucky. I'm getting them at a rate of about one per 5-10 seconds. The sender's address is forged, so it's hard to tell where exactly they come from. (Unless you go by the IP address in the header). I guess one of the reasons that this one is so widely spread is that it doesn't solely rely on user stupidity (opening attachment), but rather it also incorporates an incorrect MIME header exploit so that it automatically executes upon previewing the message in Microsoft Outlook / Outlook Express. -WD |
#5
|
|||
|
|||
|
#7
|
|||
|
|||
Keith R. Williams wrote:
Somone on .chips has a virus and has been sending it out at a prodigious rate. I just received a warning from someone (sans virus) with an address list that looks like a who's who of .chips. I'm getting hit about once a minute. The virus is about 150K so that's a lot of crap! ...and that's after setting up a picket of filters on the server! Anybody who has posted to a newsgroup with a non-munged address (such as myself) is a prime target for this worm. According to SARC, the worm gets the target email addresses by: Searches .html, .asp, .eml, .dbx, .wab, .mbx files on the hard disk for email addresses. If a victim of the worm uses Outlook Express (ugh!) to read newsgroups, the newsgroup headers are stored in a .dbx file. -WD |
#8
|
|||
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 In article , Robert Myers wrote: I am sure there are people with good business reasons for using Microsoft Outlook / Outlook Express, like the company requires them to. Whoever at a company insists on such a suicidal course should be tossed out into the street and replaced with someone with a clue. I've received well over 1000 infected messages in the past 24 hours...my mailer is bouncing some of them now, based on subject and IP address, but some are still leaking through. _/_ Scott Alfter / v \ (IIGS( http://alfter.us Top-posting! \_^_/ pkill -9 /bin/laden What is the most annoying thing on Usenet? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/azoqVgTKos01OwkRArbRAKCYt/yn3U7G5+a4xXf7ZpiF9emQsgCg0qOG ca9WoaJOIc3Cm7cUXqzH+1M= =vk8F -----END PGP SIGNATURE----- |
#9
|
|||
|
|||
Keith R. Williams wrote in
: Once a minute... If I were only so lucky. I'm getting them at a rate of about one per 5-10 seconds. That's once per minute *after* adding fourteen filters on the server. The ones getting through don't seem to have a decent handle I can grab that wouldn't also cause others to be filtered. I finally gave up and installed mimedefang -- now i ****can all attachments through our mail system. If people need to send a file they can ftp life is much better now -z |
#10
|
|||
|
|||
On Fri, 19 Sep 2003 09:48:23 -0400, Keith R. Williams
wrote: Somone on .chips has a virus and has been sending it out at a prodigious rate. I just received a warning from someone (sans virus) with an address list that looks like a who's who of .chips. Hai, I'm confirmed in my position as the village idiot, the virus didn't even show up. Ppp Though thanks to this, I went to check this particular email account and realized I missed an email from an actual life person (Robert) about 2 months back *embarrassed grin* -- L.Angel: I'm looking for web design work. If you need basic to med complexity webpages at affordable rates, email me Standard HTML, SHTML, MySQL + PHP or ASP, Javascript. If you really want, FrontPage & DreamWeaver too. But keep in mind you pay extra bandwidth for their bloated code |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Virus email? | Richard Dower | Homebuilt PC's | 5 | November 13th 04 04:49 PM |
"Microsoft email - virus | Echuca | Compaq Computers | 1 | October 18th 04 03:45 AM |
Virus checker in Nero 6 | Bun Mui | Cdr | 10 | May 19th 04 01:02 PM |
DVD-Rom firmware virus infected ? | SLO | Homebuilt PC's | 0 | January 3rd 04 01:47 AM |
Virus | Ron Cook | General Hardware | 2 | October 17th 03 05:18 AM |