Email Virus Alert(s) - Computers - Nairaland

Email Virus Alert(s) by joftech(m): 11:20am On Jul 26, 2005
New virus trick



From: helpdesk@tellumat.com
To: joftech@yahoo.com
Subject: Re: Order
Date: Thu, 25 Aug 2005 13:05:21 +0530

Thanks!

+++ Attachment: No Virus found
+++ MessageLabs AntiVirus - www.messagelabs.com

Attachments:
all_in_all_newsfeed.zip (31k)




The above message from my mailbox is a virus (Netsky). I doubted the message - I know a virus when I see one - but I still proceeded to open it and lo and behold Yahoo Mail was smart enough to detect it. It's a zip file and it was purported to have been scanned by "messagelabs". Can anyone see the ingenuity of this nicely crafted e-mail?

Now I have to block the downloading of zip files on my gateway; I only used to block exe, dll, cab, shb, vbs, etc before.

Like my security paradigm: whether you know the sender or not, think twice and be prepared before you open.
Re: Email Virus Alert(s) by c0dec(m): 6:01pm On Jul 26, 2005
Re: Email Virus Alert(s) by joftech(m): 6:22pm On Jul 26, 2005
c0dec:

use linux cool

I have been using Linux as a gateway for the past 3 years now. Strictly terminal/ssh though.
Re: Email Virus Alert(s) by jogego(m): 7:13pm On Jul 26, 2005
I open any mail without thinking. Virus? What is so called?
Re: Email Virus Alert(s) by Seun(m): 11:34pm On Jul 26, 2005
Linux viruses could easily be written, it's just not worth it for most hackers. Chances are that the kind of people who use Linux don't have much money for a hacker to steal.
Re: Email Virus Alert(s) by jogego(m): 9:10am On Jul 27, 2005
Viruses are not written basically to steal money, as if Windows users are all millionaires or something. Most Windows users are using pirated copies. Correct me if I am wrong? Viruses are written just to create havoc. The reason they cannot work so well in Linux is that by design, Linux systems are security conscious. You can't do anything that will affect the running of the system without signing in as SU (super user) or root.

Windows, we all know, is not like that. That is how come macros can be written to take advantage of ActiveX lapses using IE and Outlook. Look at the "I love you" virus. Apart from this is number. Since you guys are the most available, why would I target the less than 10% of OS users on Mac OS, BSD, Linux when I have a chance of making a name by infecting the 90% who use windoze?
Re: Email Virus Alert(s) by joftech(m): 4:31pm On Jul 27, 2005
Chances are that the kind of people who use Linux don't have much money for a hacker to steal.

@seun, I am quite surprised to hear that statement from you. Do you think hackers are yahoo boyz? The motivation behind virus coding is not normally financial gain; you can hack just for the fun of it. It's only recently that some organized criminals have started to give incentives to blackhats to hack systems.

And basically there are 3 types of hackers: whitehats, grayhats and the most dreaded blackhats. All network security experts are expected to be whitehats but some get their blood poisoned.

Mostly virus writers are teenagers that just want to get a kick for doing what they did. Just like that slammer coder.

Anyway Linux users are billionaires, even Microsoft used to use Linux for their websites too, thanks to Akamai.
Re: Email Virus Alert(s) by Seun(m): 5:52pm On Jul 27, 2005
Accepted. I didn't think that statement through before publishing it.
Re: Email Virus Alert(s) by timba(m): 8:05pm On Jul 27, 2005
Hmm... I wonder how your customers would feel seeing that they cannot download executables! How about this? Why don't you run a content filter for the downloads? Use a content filter with your proxy cache (if you use one) and use a free antivirus engine like ClamAV. As a matter of fact most of the antivirus companies (at least I know Panda Software) have free Linux versions of their antivirus software. You could easily pay for the updates and have the software do the scanning of the downloaded files before they reach the client systems.

Funny enough I saw something like mod_clamav for Apache! Hmm... I'm wondering how that could be used.
Re: Email Virus Alert(s) by joftech(m): 8:46pm On Jul 27, 2005
Hmm... I wonder how your customers would feel seeing that they cannot download executables!
@timba, I have a policy of not allowing the downloading of the following files (exe, dll, zip, mp3, iso etc) to just anyone; apart from the fact about viruses, they are bandwidth hogs. If they want to download them they notify me and I allow them to do that; once they are through I put on the lock again.

It sounds crazy to be formatting systems every day. Viruses can wreak havoc on your network if you are not careful. I hope you also know that these viruses can turn your PCs into spamboxes.

So it's just better to protect yourself than stressing yourself.
Re: Email Virus Alert(s) by Hunter(m): 2:12pm On Jul 29, 2005
ah, security debates about windows vs linux is there nothing better wink

Personally I am of the belief that if a hacker really wanted to stuff with your stuff it wouldn't matter what o/s you were running they could do it!
Re: Email Virus Alert(s) by timba(m): 1:07pm On Aug 03, 2005
@joftech, if it's your organizational policy to disallow downloads with those extensions, it's okay, but have you considered what could happen if someone downloads a file with a .txt extension but the Content-Type is that of VBScript or something like that - it would provide the same effect (depending on the browser) as downloading a .vbs file. Maybe you should consider blocking by content type instead of by file extension.

Secondly, from experience, I've found out that if you have Windows™ (since the OS seems to be the one giving the most problems) installed on your client systems, having them automatically download updates (which are executables) and installing them is a good thing - trust me it would save you a lot of headache especially when there's a worm epidemic.

On the network I administer, we use a proxy cache that throttles the bandwidth allocated to a request when the file size of the download is really large. That way, you could choose to download an ISO and it would not become a bandwidth hog for the rest of the Internet users.

Third, a well configured firewall would stop the activities of a number of worms even if they do infect any of your systems. I once had a problem with a mass-mailing worm and I was able to stop the activity of the worm sending itself as a mail attachment by blocking access to the SMTP. The only problem I had with the worm was that it kept trying to resolve MX records for a number of mail destinations - I'm still looking for ways of blocking MX lookup requests from the DNS server (since we don't need it). Do you know how?
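An added example, not written by any poster in this thread, of the check timba suggests: deciding on the declared Content-Type and the leading bytes of the download rather than its extension, and extended here to look inside zip archives like the attachment in the opening post. The blocked MIME types, function names and sample inputs are assumptions constructed for illustration.

```python
import io
import os
import zipfile

# Extensions joftech lists in the thread; MIME types are assumed policy values.
BLOCKED_EXTS = {".exe", ".dll", ".cab", ".shb", ".vbs"}
BLOCKED_TYPES = {"text/vbscript", "application/x-msdownload"}

def ext(name):
    return os.path.splitext(name.lower())[1]

def verdict(filename, content_type, body):
    """Return (allow, reason), judging content before the file name."""
    ctype = content_type.split(";")[0].strip().lower()
    if ctype in BLOCKED_TYPES:
        return False, "blocked Content-Type " + ctype
    if body[:2] == b"MZ":  # DOS/PE executable header
        return False, "executable header in body"
    if body[:4] == b"PK\x03\x04":  # zip local file header
        try:
            with zipfile.ZipFile(io.BytesIO(body)) as zf:
                for info in zf.infolist():
                    if info.flag_bits & 0x1:  # encrypted: cannot inspect
                        return False, "encrypted member " + info.filename
                    with zf.open(info) as member:
                        head = member.read(2)
                    if ext(info.filename) in BLOCKED_EXTS or head == b"MZ":
                        return False, "executable member " + info.filename
        except Exception:  # fail closed on any archive that cannot be parsed
            return False, "zip archive could not be inspected"
    if ext(filename) in BLOCKED_EXTS:
        return False, "blocked extension " + ext(filename)
    return True, "ok"

def sample_zip(member_name, data):
    """Build a constructed in-memory zip with one member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, data)
    return buf.getvalue()

if __name__ == "__main__":
    samples = [  # constructed inputs, not captured traffic
        ("notes.txt", "text/vbscript", b"placeholder"),
        ("update.zip", "application/zip", sample_zip("update.exe", b"MZ")),
        ("docs.zip", "application/zip", sample_zip("readme.txt", b"hello")),
    ]
    for name, ctype, body in samples:
        print(name, verdict(name, ctype, body))
```

A file named `.txt` is rejected when its Content-Type or first bytes say otherwise, and an archive is rejected when any member is executable by name or by header.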
Re: Email Virus Alert(s) by joftech(m): 9:22pm On Aug 03, 2005
I'm still looking for ways of blocking MX lookup requests from the DNS server (since we don't need it)

Which DNS are you using?
Re: Email Virus Alert(s) by timba(m): 11:04am On Aug 04, 2005
BIND 9
