| Page 1 of 2 | 1 | 2 |
|
|
Virus/Worm email messages
Is anyone else being deluged with Virus/Worm email messages?
-- 73, Cecil http://www.qsl.net/w5dxp -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- http://www.newsfeeds.com - The #1 Newsgroup Service in the World! -----== Over 100,000 Newsgroups - 19 Different Servers! =----- |
"Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp Yes, 14 yesterday and 4 so far this morning. 73, Steve WB6RIB |
"Steve" wrote in message m... "Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp Yes, 14 yesterday and 4 so far this morning. you must not have many friends who have you in their address book... i got about 1000 overnight last night and about 2500 the day before. |
"Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp Yes over 600 in the last 3 or 4 days. Dee D. Flint, N8UZE |
Is anyone else being deluged with Virus/Worm email messages?
-- ================================ Me too - 2000 per day. Terrorist attack or just another up-and-coming Bill Gates? G4FGQ, UK |
"J. McLaughlin" wrote in message ... YES. MB worth. So many that E-mail drive was filled on Friday. Just received five in a five minute period. Not hard to trap, however they are quite a pain. Have yet to get ISP to block them. Good luck. Mac N8TT my isp is stopping the infected ones, which appears to be most of them.. its funny though, some get through with an empty attachment. there must be a bug in the virus that occasionally attaches an empty file instead of itself. |
On Sat, 20 Sep 2003 19:01:51 +0000 (UTC), "Reg Edwards"
wrote: Is anyone else being deluged with Virus/Worm email messages? -- ================================ Me too - 2000 per day. Terrorist attack or just another up-and-coming Bill Gates? G4FGQ, UK Me too, 49 yesterday and 80 today. Walt, W2DU |
"David Robbins" wrote in message ... "J. McLaughlin" wrote in message ... YES. MB worth. So many that E-mail drive was filled on Friday. Just received five in a five minute period. Not hard to trap, however they are quite a pain. Have yet to get ISP to block them. Good luck. Mac N8TT my isp is stopping the infected ones, which appears to be most of them.. its funny though, some get through with an empty attachment. there must be a bug in the virus that occasionally attaches an empty file instead of itself. Actually my ISP is blocking the actual virus/worms but then the message itself gets passed on to me with a statement from the ISP that if I want the file to contact the sender and arrange another means of getting it. However, that still is a huge number of emails in my box. I've tried to trap them but the headers and senders, etc are all different. If you have a suggestion on how to stop them, please let us all in on it. Dee D. Flint, N8UZE |
"Dee D. Flint" wrote in message . com... "David Robbins" wrote in message ... "J. McLaughlin" wrote in message ... YES. MB worth. So many that E-mail drive was filled on Friday. Just received five in a five minute period. Not hard to trap, however they are quite a pain. Have yet to get ISP to block them. Good luck. Mac N8TT my isp is stopping the infected ones, which appears to be most of them.. its funny though, some get through with an empty attachment. there must be a bug in the virus that occasionally attaches an empty file instead of itself. Actually my ISP is blocking the actual virus/worms but then the message itself gets passed on to me with a statement from the ISP that if I want the file to contact the sender and arrange another means of getting it. However, that still is a huge number of emails in my box. I've tried to trap them but the headers and senders, etc are all different. If you have a suggestion on how to stop them, please let us all in on it. Dee D. Flint, N8UZE if you can filter by the text in the body use "September 2003, Cumulative Patch" that should be unique enough to catch them without taking out other messages. the isp messages should be easy to filter out, i use the phrases "virus found in received message" and "problem found in received message" to send them to the deleted folder. |
Cecil Moore wrote:
Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- http://www.newsfeeds.com - The #1 Newsgroup Service in the World! -----== Over 100,000 Newsgroups - 19 Different Servers! =----- You are not alone! We are not alone! You can learn a bit about it -- just hit google with 'swen virus' as a search term and look' at any of the antivirus sites such as Symantec. It may take a while before this one dies down! -- -------------------------------------- Diagnosed Type II Diabetes March 5 2001 Beating it with diet and exercise! 297/215/210 (to be revised lower) 58"/43"(!)/44" (already lower too!) -------------------------------------- Visit my HomePage at http://members.shaw.ca/finkirv/ Visit my very special website at http://members.shaw.ca/finkirv4/ Visit my CFSRS/CFIOG ONLINE OLDTIMERS website at http://members.shaw.ca/finkirv5/ -------------------- Irv Finkleman, Grampa/Ex-Navy/Old Fart/Ham Radio VE6BP Calgary, Alberta, Canada |
There is a major net attack in progress. The Swen worm can bug even
well-protected computers, since the payload arrives as a 106 kB email attachment. If your mailbox has a 10 MB capacity, then all you need is 90+, and you admin will automatically start bouncing ALL your incoming mail. In effect, a Denial of Service fringe benefit for the worm. In addition to trying to look like an official MS announcement, the worm is also arriving in the form of a fake notice of undeliverable email. Don't investigate ANY attachments unless you want to live very dangerously. Ed WB6WSN "J. McLaughlin" wrote in message ... YES. MB worth. So many that E-mail drive was filled on Friday. Just received five in a five minute period. Not hard to trap, however they are quite a pain. Have yet to get ISP to block them. Good luck. Mac N8TT -- J. Mc Laughlin - Michigan USA Home: "Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp |
In article , "Dee D.
Flint" wrote: I've tried to trap them but the headers and senders, etc are all different. The "From:" lines are likely forged. Many such worms and viruses pick recipients and purported senders randomly from the infected computer's Outlook or Outlook Express address list. If you want to see where the message really is coming from, examine full headers carefully -- specifically, the "Received: from" lines. If you have a suggestion on how to stop them, please let us all in on it. Persuade the universe to cease using unsafe operating system software, browsers, and e-mail programs coming from Redmond, WA ;-). UNIX, including the version now marketed by Apple, is pretty safe. David, ex-W8EZE, whose computers are happily MS-free except for safe 11 year old versions of Word and Excel -- David or Jo Anne Ryeburn To send e-mail, remove the letter "z" from this address. |
"Reg Edwards" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- ================================ Me too - 2000 per day. Terrorist attack or just another up-and-coming Bill Gates? G4FGQ, UK I don't recall anything in Gates' career that's equivalent to the present worm attack. Do you have any factual backup for your off-hand slander? Ed WB6WSN |
Yes.
In the last two or three days. A lot of them. pez SV7BAX "Cecil Moore" wrote in message ... | Is anyone else being deluged with Virus/Worm email messages? | -- | 73, Cecil http://www.qsl.net/w5dxp | | | | -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- | http://www.newsfeeds.com - The #1 Newsgroup Service in the World! | -----== Over 100,000 Newsgroups - 19 Different Servers! =----- |
boy looks like you guys are getting the long end of the stick
i have had over 300 emails in the past 24 hours and i would say 100 of them had virus attachments with them thank the gods for spam filters and norton antivirus running all the time |
On Sat, 20 Sep 2003 12:57:53 -0500, Cecil Moore
wrote: Is anyone else being deluged with Virus/Worm email messages? Hi All, Almost across the board, the problem is glaringly evident, and certainly one you choose to live with. :-) X-Newsreader: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 the body count associated with those reporting: 1000 overnight last night and about 2500 the day before over 600 MB worth. So many that E-mail drive was filled on Friday. 2000 per day Of ten current correspondents, 8 use insecure MS products and their numbers of incoming mails are easily 10 fold over the two that are not. (Walt, even though you now use Agent for news reading, you still use Outlook Express for mail). My count stands at 0 aside from the usual load of porn that Agent filters directly into the bit bucket (perhaps one half to one dozen a day). This doesn't protect me entirely. My own ISP's newserver (being a microsoft product) decided to whack out during the Blaster attack by resetting my cable modem every 15 seconds (through the early hours when I simply turned off my machine). Through the attack (again, my machine was still off), I contacted Comcast's service line to get a fellow pitifully scripted to provide no real answers: him: "our network is currently down" me: "are you using MS servers?" him: "No" me: "What are you doing about it?" him: "We are in contact with MS about the problem." me: (significant silence) him: (keys banging away) "I cannot ping your modem." me: "The network is down. Why did you even try?" him: (significant silence) For several weeks afterword, their still infected server was sending infected e-mails in my behalf, using an old address (not even in my machine anymore after being changed from AT&T) they keep for forwarding. How do I know I wasn't infected? I corresponded daily through another ISP (my co-host) without a hitch through the entire period. Visit: http://grc.com/default.htm to obtain security fixes BEFORE the viruses are diagnosed through autopsy. I've been living quite free of these problems (aside from stupid Comcast) WITHOUT ONE MS security (sic) upgrade for 8 years. Now, as to you having made this choice of product and enjoying the virtues of all the marketing concepts. MS has clearly described how to fix these problems by turning all javascript and OLE switches off - and I might add, never double clicking OE or IE. feds: "When are you going to take care of these virus problems?" MS: "Viruses are not our fault, prosecute the lawbreakers." In today's Business section (Seattle): "Goodby, Mr. Bill Gates? Japan, South Korea and China discuss working to promote Linux" "But the Redmond-based company said 'consumers and market forces, not government preferences, should determine software selection...'" 8 out of 10 here support MS's agenda, and it shows in the numbers. 73's Richard Clark, KB7QHC |
I'm getting 30 to 50 per day and another about half that number of of
messages from my isp stating that they had trapped a virus (blaster worm) David Robbins wrote: "Steve" wrote in message m... "Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp Yes, 14 yesterday and 4 so far this morning. you must not have many friends who have you in their address book... i got about 1000 overnight last night and about 2500 the day before. |
Cecil, the virus/worm messages at my QTH got so bad that I went to my
non read mail list at Comcast and deleted over 65 message related to Microsoft with attachments and file sizes greater than 100K. I had two days of being flooded with messages containing viri and McAffee kept deleting them and I had to reboot to get control. Finally, tonight, Saturday at 6:45 EST, the backlog is temporarily [I hope] cleared off and I am using Netscape 7.1 again instead of Comcast. Expolit-MIME.gen and W32/SWEN@MM really flooded the net this weekend. Deacon Dave, W1MCE + + + Cecil Moore wrote: Is anyone else being deluged with Virus/Worm email messages? |
Cecil Moore wrote in message ...
Is anyone else being deluged with Virus/Worm email messages? Only about 800 in the last 3 weeks...Sobigf was a real PIA. All the servers thought I was sending that crap, being the e-mails are forged. The "server" notices are as bad a spam as the actual spam or virus itself as far as clogging bandwidth. Not to mention the 100's of "microsoft" patches I get. My frigging anti-spam filter probably traps 75-80 funky e-mails a day. I have to weed through them often for "good" e-mails, or I get so many stacked up, it takes an hour to weed through them all. I have my anti-spam set to industrial strength. It catches some "good" emails... MK |
Cecil Moore wrote:
Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- http://www.newsfeeds.com - The #1 Newsgroup Service in the World! -----== Over 100,000 Newsgroups - 19 Different Servers! =----- Last night I downloaded a program called Mailwasher. It is freeware, and very easy to use. It checks your e-mail while it is still on the server, and you can delete it from there without having to download it to your computer. It allows you to check the e-mail addresses of the originating messages and have them deleted. You can then just download what you want -- messages from friends. I just went to Google, typed in Mailwasher, and it took me directly to the download site. It sure helps here as I have had well over 1500 messages in the past twenty four hours! Only about fifty were wanted. The problem is that I belong to 8 newsgroups, and that's where a lot of the email addresses get harvested! This is one of the eight! I don't think there's much can be done until everyone clears the virus off their computers. Although I am virus free, it still doesn't stop the e-mails from coming in! -- -------------------------------------- Diagnosed Type II Diabetes March 5 2001 Beating it with diet and exercise! 297/215/210 (to be revised lower) 58"/43"(!)/44" (already lower too!) -------------------------------------- Visit my HomePage at http://members.shaw.ca/finkirv/ Visit my very special website at http://members.shaw.ca/finkirv4/ Visit my CFSRS/CFIOG ONLINE OLDTIMERS website at http://members.shaw.ca/finkirv5/ -------------------- Irv Finkleman, Grampa/Ex-Navy/Old Fart/Ham Radio VE6BP Calgary, Alberta, Canada |
Ed Price wrote:
"Reg Edwards" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- ================================ Me too - 2000 per day. Terrorist attack or just another up-and-coming Bill Gates? G4FGQ, UK I don't recall anything in Gates' career that's equivalent to the present worm attack. Do you have any factual backup for your off-hand slander? He isn't responsible for this. But he IS responsible for the abysmally poor software his company writes. It is a litany of flaws. - Mike KB3EIA - |
The virus is in the original attachments and at the web site the text urges
you to download. If you don't open the attachment, or download the "security patch", you won't get the virus. However, you will get floods of this kind of traffic. It's coming from infected computers that have your email address, and from your email address harvested from newsgroups, and even from some web sites you've gone to. I think the flooding will continue for awhile longer. Some ISPs neutralize the attachment, but the message comes on through with an empty attachment. Whatever, don't take a chance and open the attachment. If you haven't done it yet, mung your newsgroup email address so this won't happen in the future. Something like . That will keep you from getting flooded in the future. |
If you use Norton System Works or Norton Antivirus, bring up their main
configuration screen, click on antivirus options email and choose the last item: "Repair and silently delete if unsuccessful". The messages end up pronto in the Deleted Item folder where you can check later for desirable messages that might have slipped through and then get rid of all the nasties with one right click on that folder. Saves a lot of aggravation. Keep incoming email scanning on. Marty K1FHR "RB" wrote in message ... The virus is in the original attachments and at the web site the text urges you to download. If you don't open the attachment, or download the "security patch", you won't get the virus. However, you will get floods of this kind of traffic. It's coming from infected computers that have your email address, and from your email address harvested from newsgroups, and even from some web sites you've gone to. I think the flooding will continue for awhile longer. Some ISPs neutralize the attachment, but the message comes on through with an empty attachment. Whatever, don't take a chance and open the attachment. If you haven't done it yet, mung your newsgroup email address so this won't happen in the future. Something like . That will keep you from getting flooded in the future. |
"Mike Coslo" wrote in message ... Ed Price wrote: "Reg Edwards" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- ================================ Me too - 2000 per day. Terrorist attack or just another up-and-coming Bill Gates? G4FGQ, UK I don't recall anything in Gates' career that's equivalent to the present worm attack. Do you have any factual backup for your off-hand slander? He isn't responsible for this. But he IS responsible for the abysmally poor software his company writes. It is a litany of flaws. - Mike KB3EIA - My point is that you should save your litanies for the correct occasions. You can't respond to every net problem with a half-ass reference to "Redmond" or "Gates". In point of fact, this IS a terrorist attack. Although software should be robust, the majority of your ire should be directed toward the terrorist attacker. Ed WB6WSN |
'Doc wrote:
The two smartest things I've ever done was invest in a good antivirus program and a good firewall. I've got those but they don't block the emails telling me a virus has been removed. -- 73, Cecil http://www.qsl.net/w5dxp -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- http://www.newsfeeds.com - The #1 Newsgroup Service in the World! -----== Over 100,000 Newsgroups - 19 Different Servers! =----- |
"Ed Price" wrote in message
I don't recall anything in Gates' career that's equivalent to the present worm attack. Do you have any factual backup for your off-hand slander? Ed WB6WSN Well, as far as I'm concerned, he had as much hand in it as anyone. If his company would quit selling reader software with enough holes to qualify as swiss cheese, many of these macro viruses wouldn't have a leg to stand on. I've had 100's of server returns accusing me of spreading viruses, and also that I'm running Microsoft Outlook Express 6.00.2600.0000. But this is not the case. I use old bulletproof netscape 3.1 to read mail. These viruses are a non issue to me. Why are they an issue to a software that is supposed to be a step up from the ancient reader I'm using? If everyone would quit running Billware 6.00.2600.0000, we could nip this macro virus thing in the bud. Probably would stop 90% of it overnight. Heck, with all the latest holes in these new win OS's they are spitting out, I'm temped to stay with win98 a few more years. MK |
"Mark Keith" wrote in message om... "Ed Price" wrote in message I don't recall anything in Gates' career that's equivalent to the present worm attack. Do you have any factual backup for your off-hand slander? Ed WB6WSN Well, as far as I'm concerned, he had as much hand in it as anyone. If his company would quit selling reader software with enough holes to qualify as swiss cheese, many of these macro viruses wouldn't have a leg to stand on. I've had 100's of server returns accusing me of spreading viruses, and also that I'm running Microsoft Outlook Express 6.00.2600.0000. But this is not the case. I use old bulletproof netscape 3.1 to read mail. These viruses are a non issue to me. Why are they an issue to a software that is supposed to be a step up from the ancient reader I'm using? If everyone would quit running Billware 6.00.2600.0000, we could nip this macro virus thing in the bud. Probably would stop 90% of it overnight. Heck, with all the latest holes in these new win OS's they are spitting out, I'm temped to stay with win98 a few more years. MK In other words, nothing factual, just "as far as I'm concerned." Thank you for your rant. Ed WB6WSN |
"David or Jo Anne Ryeburn" wrote in message ... In article , "Dee D. Flint" wrote: I've tried to trap them but the headers and senders, etc are all different. The "From:" lines are likely forged. Many such worms and viruses pick recipients and purported senders randomly from the infected computer's Outlook or Outlook Express address list. If you want to see where the message really is coming from, examine full headers carefully -- specifically, the "Received: from" lines. If you have a suggestion on how to stop them, please let us all in on it. Persuade the universe to cease using unsafe operating system software, browsers, and e-mail programs coming from Redmond, WA ;-). UNIX, including the version now marketed by Apple, is pretty safe. David, ex-W8EZE, whose computers are happily MS-free except for safe 11 year old versions of Word and Excel If everyone switched to UNIX, the solution would be short-lived as the virus writers would then switch to attacking it. Right now, they simply get more "bang for the buck" by attacking Windows and it doesn't give them much of a thrill to also go after UNIX system users or Apple computer users. Dee D. Flint, N8UZE |
Cecil,
Each antivirus program is different, but most have an email checking option, both incoming and outgoing email. That option should be activated. The options for email checking vary, some require that you decide what to do about an infected email, some will 'clean' it automatically or get rid of it in some way. Which method you choose is up to you. Firewalls are even more varied than antivirus programs and are a real P.I.T.A. to set up correctly. so R.T.F.M. is the key with them. It also depends on the programs/TSR's you use. Some are not safe at all. Richard listed a site in his post that is very very good about telling you the how/what/where about spamming and virus/worm/?? activities. The utilities on that site work, are a good idea, and I recommend them. 'Doc PS - These virus 'floods' are still a P.I.T.A. and I have to delete them, but they stand NO chance of infecting my machine. |
Dear Mr. Flint and group:
I am told by knowledgeable UNIX people (another partitioning of the world) that the structure of UNIX is such that attacks can not be successful. I am told that there are only three ports into/outof UNIX modules and it is simple to guard them. The Bill ware OSs allow all sorts of back doors and side doors and over-the-transom ports. What I do not understand is why someone has not funded a set of bright Indian programmers to produce an OS that can execute Window programs without committing the errors made by Bill's people. There is a Unix based program that is able to execute some, well behaved Windows programs. I threaten my students with eternal haunting if they ever write a control program in Bill style. 73 Mac N8TT -- J. Mc Laughlin - Michigan USA Home: "Dee D. Flint" wrote in message .com... "David or Jo Anne Ryeburn" wrote in message ... In article , "Dee D. Flint" wrote: snip Persuade the universe to cease using unsafe operating system software, browsers, and e-mail programs coming from Redmond, WA ;-). UNIX, including the version now marketed by Apple, is pretty safe. David, ex-W8EZE, whose computers are happily MS-free except for safe 11 year old versions of Word and Excel If everyone switched to UNIX, the solution would be short-lived as the virus writers would then switch to attacking it. Right now, they simply get more "bang for the buck" by attacking Windows and it doesn't give them much of a thrill to also go after UNIX system users or Apple computer users. Dee D. Flint, N8UZE |
Virus/Worm - What is it?
73!, Alexander, DL1PBD |
On Sun, 21 Sep 2003 10:08:46 -0500, 'Doc wrote:
Cecil, Each antivirus program is different, but most have an email checking option, both incoming and outgoing email. That option should be activated. The options for email checking vary, some require that you decide what to do about an infected email, some will 'clean' it automatically or get rid of it in some way. Which method you choose is up to you. Firewalls are even more varied than antivirus programs and are a real P.I.T.A. to set up correctly. so R.T.F.M. is the key with them. It also depends on the programs/TSR's you use. Some are not safe at all. Richard listed a site in his post that is very very good about telling you the how/what/where about spamming and virus/worm/?? activities. The utilities on that site work, are a good idea, and I recommend them. 'Doc PS - These virus 'floods' are still a P.I.T.A. and I have to delete them, but they stand NO chance of infecting my machine. Hi Doc, To again offer that link: http://grc.com/default.htm to obtain security fixes BEFORE the viruses are diagnosed through autopsy. I've been living quite free of these problems (aside from stupid Comcast) WITHOUT ONE MS security (sic) upgrade for 8 years. I also have not used an "antivirus" program in 12 years. In that same time I have probably downloaded several 10's of GB of software, run it, kept some, discarded most, and to no ill effect. In fact, I am probably my own worst enemy when some 15 years ago I was writing a file interface where one wrong bit erased my hard drive before my jaw could sag. Yesterday only two (2) emails arrived and were caught by one of 7 email filters in my purchased version of Agent - all of them set to trash porn. No other email at all (pretty slow day). They may have been part of this latest Virus, perhaps not, I will never know and I don't care either way. Clearly 80% of those who suffer and complain have some sort of Masochistic need to feed their habit. The folks at Agent are about to release version 2 which will have many more configurable features like multiple accounts support, multiple connection support, folders within folders (for hierarchal email and article storage) and all while maintaining a safe separation between sanity and MS. I will only have to pay an upgrade fee, but I would buy into it full price without hesitation. I also use Agnitum Outpost Firewall. Visit: http://www.agnitum.com/ This blows away nearly all the ads that fill up the browser display (leaving only their default titles as links). When an ad slips through to annoy me, I just add it to the list Outpost ignores downloading. I can set any application's level of trust and block traffic in configurable settings (however, default Outpost works quite well out of the box) - and this is the FREE version. 73's Richard Clark, KB7QHC |
On 20 Sep 2003 21:45:27 -0700, (Mark Keith) wrote:
"Ed Price" wrote in message I don't recall anything in Gates' career that's equivalent to the present worm attack. Do you have any factual backup for your off-hand slander? Ed WB6WSN Well, as far as I'm concerned, he had as much hand in it as anyone. If his company would quit selling reader software with enough holes to qualify as swiss cheese, many of these macro viruses wouldn't have a leg to stand on. I've had 100's of server returns accusing me of spreading viruses, and also that I'm running Microsoft Outlook Express 6.00.2600.0000. But this is not the case. I use old bulletproof netscape 3.1 to read mail. These viruses are a non issue to me. Why I would respectfully suggest that you upgrade to one of the later versions of Netscape. 3.1 is about as open to giving out your information as any produced. I run Netscape, Mozilla (slightly different but Netscape used a Mozilla core) Thunderbird, and Pearl. are they an issue to a software that is supposed to be a step up from the ancient reader I'm using? If everyone would quit running Billware 6.00.2600.0000, we could nip this macro virus thing in the bud. If every one would practice safe computing even Bill Ware would work well. Probably would stop 90% of it overnight. Heck, with all the latest The users alone could prevent more than that. Remember that in *most* cases they worms and viruses require the user to run them. Only recently have the true viruses that run when you read them become much of a problem. holes in these new win OS's they are spitting out, I'm temped to stay It's not the OS. IT's the mail and news readers and even then it's more of a problem with the default settings. It's also a lack of firewalls and virus checkers. If people would just turn off java, HTML, the automated entry of addresses into their address books, turn off the ability to automatically run macros when opening a document, and not run attachments until they verify who ever sent it did so on purpose. there would be few successful viruses. It's a knee jerk reaction to blame the OS (which do have lots of holes in them), but in reality the blame for well over 90% of the problem comes directly from us...the users. How many people have you heard state that "they" only open attachments from people they know. That virus, or worm had to get the address form some where and it was in some ones address book. with win98 a few more years. MK The new ones are no worse than 98, or 98 SE. And the early versions of Netscape were terrible for leaking information about the user. Computer People forget that over 90% of computer users are clueless. Roger K8RI (Retired computer systems project manager) Roger Halstead (K8RI EN73 & ARRL Life Member) www.rogerhalstead.com N833R World's oldest Debonair? (S# CD-2) |
Your Unix people told you wrong. Mail worms were invented back before
Outlook, in a primarily unix based internetwork. "bright Indian programmers" do not exist. If you are going to count on that craphole of a place to produce anything usable, then you have a hard wake up coming. A nation without flush toilets is hardly technologically advanced to write an OS of any merit...just think...those idiots have nuclear weapons...probably aimed at themselves. Mac...just what is Bill style? "J. McLaughlin" wrote in message ... Dear Mr. Flint and group: I am told by knowledgeable UNIX people (another partitioning of the world) that the structure of UNIX is such that attacks can not be successful. I am told that there are only three ports into/outof UNIX modules and it is simple to guard them. The Bill ware OSs allow all sorts of back doors and side doors and over-the-transom ports. What I do not understand is why someone has not funded a set of bright Indian programmers to produce an OS that can execute Window programs without committing the errors made by Bill's people. There is a Unix based program that is able to execute some, well behaved Windows programs. I threaten my students with eternal haunting if they ever write a control program in Bill style. 73 Mac N8TT -- J. Mc Laughlin - Michigan USA Home: "Dee D. Flint" wrote in message .com... "David or Jo Anne Ryeburn" wrote in message ... In article , "Dee D. Flint" wrote: snip Persuade the universe to cease using unsafe operating system software, browsers, and e-mail programs coming from Redmond, WA ;-). UNIX, including the version now marketed by Apple, is pretty safe. David, ex-W8EZE, whose computers are happily MS-free except for safe 11 year old versions of Word and Excel If everyone switched to UNIX, the solution would be short-lived as the virus writers would then switch to attacking it. Right now, they simply get more "bang for the buck" by attacking Windows and it doesn't give them much of a thrill to also go after UNIX system users or Apple computer users. Dee D. Flint, N8UZE |
On Sun, 21 Sep 2003 12:28:16 GMT, "Dee D. Flint"
wrote: "David or Jo Anne Ryeburn" wrote in message ... In article , "Dee D. Flint" wrote: I've tried to trap them but the headers and senders, etc are all different. Waste of time. It *used* to work, but rarely will it now. Check the IP, not the from address. The "From:" lines are likely forged. Many such worms and viruses pick recipients and purported senders randomly from the infected computer's They also make them up, or combine several to make one. Outlook or Outlook Express address list. If you want to see where the message really is coming from, examine full headers carefully -- specifically, the "Received: from" lines Look for the IP. If you have a suggestion on how to stop them, please let us all in on it. Persuade the universe to cease using unsafe operating system software, browsers, and e-mail programs coming from Redmond, WA ;-). UNIX, including the version now marketed by Apple, is pretty safe. Unfortunately this is not really the case. There are no truly safe operating systems (and yes MS has a few more problems than others), but the cases in point are not operating system problems. They are mail and newsgroup reader problems and *nearly* all can be prevented by properly configuring said programs. Turn off the ability to read mail in HTML, don't let macros run, disable Java, and above all don't open attachments until after verifying whoever really sent it. This is particularly true if the thing came from some one you know. How many times have you heard some one say, Oh, I don't worry. I only open attachments from people I know. Now there is a prime candidate for a virus. MS operating systems are written for the masses. It depends on your definition of computer literate, but unless you make the definition very lenient there are few computer users who are computer literate. In grad school I taught intro to Computer Science. It was one of those courses where we taught them to turn 'em on, insert a disk, run an app, save the date, and turn it off. I had 195 students. 5 or so shouldn't have been in there as they knew as much as I did and I was working on my masters in CS. Unfortunately they fell into one of those cases where they had to take the course. Another 5 or so were never going to survive that simple goal of the class. The other 185 covered the spectrum in between. Oh...I had about 10 that could type. I'm not defending windows...What I am doing is trying to show where we have gone wrong across the board and the unlikely prospect of it being fixed soon...if ever. Windows was designed to be user friendly. Any one who has done much programming at all knows the more you work to make a "program" user friendly the more difficult it becomes for the programmer. The program becomes more complex. Sometimes much more complex and with each increase in complexity comes an increase in the likely hood of "side effects". For those unfamiliar with the term, side effects are ... well...just that...They are unexpected operations, outputs, or even capabilities from a program, routine, or function that were not expected. Just like side effects from a medication, only in this case it gives your computer a case of diarrhea. Windows was also designed to create a uniform environment for programmers that would also simplify program design...I.E. The DLL, or Dynamic Linked Library. You can create a relatively small but capable program in Visual Basic, or Visual C++. However, compile it into a stand alone program that can be installed on other computers and it will become huge. It includes all the needed DLLs. A 32 K program can easily become 10 or 20 megs. However when you install it the program will only install DLLs that are newer than the ones on the computer. It will ask if you want to install a DLL if the DLL is older than the one currently on the computer. So that 32K program that turned into 9 megs may only add a 100K or so to some computers. Outlook and Outlook Express make use of these integrated functions, or DLLs. Unfortunately they also come with the default settings Which brings me to the main fault of windows. The one that most likely will never be cured. US...You, me, who ever is at the keyboard, that is where the main responsibility lies. We want HTML as it makes the netzines look nice. We want it so we can send professional looking letters and resumes even if it does have the capability of reporting back to who ever sent you the unwanted e-mail. We want Java running. It does do some neat things. We want macros enabled so when we receive that database it will be displayed as the builder intended and we only have to fill in the blanks. Never mind that the macro can do anything on your computer that you can...probably more in most cases. You can do all the education you want, but if the user wants to use those functions/capabilities then they are going to use them whether it opens their computer up to the whole wide world or not. Virus checkers and spam botts are a necessity to keep track of many things. Some reputable companies seem to be including trojans and spy bots in their soft ware. That stuff lets them track your every move. I have no idea as to why they'd want to track mine, but... "SpyBot Search & Destroy" has found a number of them. In one year I received over 250 copies of viruses and worms. BTW, SpyBot, Search & Destroy is free and does a great job. The writer is just looking for donations. So, were Windows to disappear tomorrow, we might get a brief respite from the viruses while the writers retrenched, but they would be back. The users, still looking for functionality above all else would soon be complaining about the security in the new OS, even though they had been taught the principals of safe computing. David, ex-W8EZE, whose computers are happily MS-free except for safe 11 year old versions of Word and Excel In the computing world older is often not better. If word and excel can run macros when you receive them, or load a document then they are vulnerable. To top it off they can't read any of the documents from newer versions. Old versions of Netscape are particularly bad, but early Internet Explorer was no better. Being MS free is no guarantee of safety. If everyone switched to UNIX, the solution would be short-lived as the virus writers would then switch to attacking it. Right now, they simply get more "bang for the buck" by attacking Windows and it doesn't give them much of a thrill to also go after UNIX system users or Apple computer users. Yup! I have to admit that Unix/Linux, and Apple might be a bit more work, but they are not immune. Once some one, or a group puts together the tools in a package the script kiddies take over and use them like an erector set. Without going into details, Worms and viruses can be amazingly simple to write. I wrote a worm as an under grad student. It was only on paper. I gave it to my instructor and asked if we could try it on a virtual machine. After studying the thing for just a couple of minutes he said, I don't think we better try it. I gave him the paper and said "You keep it". The simplest being the macro viruses. OTOH, some of these things are getting pretty sophisticated. They "call home" to see if there is an update to their code,or payload. They don't always behave the same. Now we have some that don't require user intervention if the default settings are such as to let them loose. Still, the vast majority depend on the "idiot" at the keyboard. IF the user never opened the attachment without verification, never let some one trick them into installing a patch from MS, or some other company (those companies don't work that way), never deleted a file because the official looking e-mail told them to do so, never answered an e-mail asking them to update their account information, (particularly when they ask for the account name), and actually practiced safe computing the virus and worm problem would become a relatively small irritation. BTW, I've set here and watched the firewall report probes of the ports. They would start, try a port, not get in, try the next port, and repeat until they had gone through the whole list, and then start over. It doesn't matter if you have one port, or 10,000. If you have one open that is all it takes. Contrary to government figures as to computer literacy, I doubt any where near half the population could truly be called computer literate. When it comes to computer savvy, I doubt more than 5 to maybe 10% would qualify and I think 10% is really stretching it. If 75 to 80% were really computer literate spam and viruses would not be any where near the present problem. It's part ignorance and part apathy...The old "It only happens to other people" syndrome. Kinda like the immortal teenager in his invincible SUV. I drove half way though one of those a couple of years back and shortened my Transam up nearly two feet. (My last thoughts before impact we "Boy, I'll bet this is gonna hurt") Surprisingly I wasn't even sore the next day, but man was I punch for about a half an hour after the impact. I don't think a 6-pack would have that much effect. An aside to security...Using signed documents...Verisign recently hijacked all the unused dot coms and a bunch of other extensions. Type in a non existent URL and see where you end up. They get paid for every so called click through. That means they get paid for every invalid address typed. As a warning...You end up with the prompt for a secure page and no graceful way to say no. IF you say Yes they make money. In windows that just means using the program manager to close the browser. And...Yes they are already getting sued. Roger Halstead (K8RI EN73 & ARRL Life Member) www.rogerhalstead.com N833R World's oldest Debonair? (S# CD-2) Dee D. Flint, N8UZE |
On Sun, 21 Sep 2003 10:13:26 -0600, wrote:
On Sun, 21 Sep 2003 00:37:03 -0700, "Ed Price" wrote: In other words, nothing factual, just "as far as I'm concerned." Thank you for your rant. That was no rant, and pretty factual. Microsoft has left security hole after security hole. Further, almost none of this would happen if people would stop using Outlook and Outlook Express for mail. A Outlook and OE are both capable of operating as text based if the user would set the defaults properly. When configured so they are just as resistant to attack as the other text based readers. They are every bit as capable as Agent which I happen to be using here as I prefer the way it handles newsgroups better than the other two. Roger Halstead (K8RI EN73 & ARRL Life Member) www.rogerhalstead.com N833R World's oldest Debonair? (S# CD-2) good text based email and news program like Agent goes a long way toward preventing both accidental infection and spreading of the trash that currently pollutes the system so heavily. Eudora used to be good also, but I haven't used it in almost 10 years so it could have given in to the weaknesses by now. gm |
On Sat, 20 Sep 2003 19:35:23 -0500, "RB" wrote:
The virus is in the original attachments and at the web site the text urges you to download. If you don't open the attachment, or download the "security patch", you won't get the virus. However, you will get floods of this kind of traffic. It's coming from infected computers that have your That's why I keep changing my posting address. I use a valid one, but it changes as soon as the spam starts to build. email address, and from your email address harvested from newsgroups, and even from some web sites you've gone to. I think the flooding will continue for awhile longer. Some ISPs neutralize the attachment, but the message comes on through with an empty attachment. Whatever, don't take a chance and open the attachment. If you haven't done it yet, mung your newsgroup email address so this won't happen in the future. Something like . That will keep you from getting flooded in the future. Now that is one of my pet peeves. I always use a valid address, although it changes from time to time. Every once in a while I receive an e-mail off a newsgroup and almost invariably the sender forgets to make the return valid. Those get treated just like spam. Just go to one of the e-mail services and get a throwaway address. Use it till it starts getting spam and viruses. Then cancel it and create a new one. If you don't want to receive e-mail from the newsgroups don't use a valid address and state so in your sig. The easiest is to just make the address "don'treply@email or some such that indicates you don't want to be bothered with e-mail answers. Roger Halstead (K8RI EN73 & ARRL Life Member) www.rogerhalstead.com N833R World's oldest Debonair? (S# CD-2) |
Bill wrote:
"bright Indian programmers" do not exist. If you are going to count on that craphole of a place to produce anything usable, then you have a hard wake up coming. A nation without flush toilets is hardly technologically advanced to write an OS of any merit...just think...those idiots have nuclear weapons...probably aimed at themselves. Funny... some people would claim the same about trailer trash rednecks like you. -- Anti-spam measu look me up on qrz.com if you need to reply directly |
Yep.... in one account I am getting something like 1200-1500 of the alleged
"Microsoft" patch per day, and about 3 weeks ago I got nailed the same way with the Sobig:f virus. Since the release of these viruses, I now use the "webmail" mail servers before downloading any email through Outlook Express. I haven't been affected by the viruses in regards to what they were designed directly to do, but affected by the time it takes to download email or going through the webmail service that my ISP offers. I am quite sure that I am not the only one and I am sure that these bogus emails are depleting free space on the email servers in general. -- Ryan, KC8PMX FF1-FF2-MFR-(pending NREMT-B!) --. --- -.. ... .- -. --. . .-.. ... .- .-. . ..-. .. .-. . ..-. ... --. .... - . .-. ... "Cecil Moore" wrote in message ... Is anyone else being deluged with Virus/Worm email messages? -- 73, Cecil http://www.qsl.net/w5dxp -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- http://www.newsfeeds.com - The #1 Newsgroup Service in the World! -----== Over 100,000 Newsgroups - 19 Different Servers! =----- |
| All times are GMT +1. The time now is 01:44 PM. |
|
Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
RadioBanter.com