[Date Prev][Date Next][Subject Prev][Subject Next][ Date Index][ Subject Index]

Re: another virus warning?



>The earlier note from Paul Williams contained an attachment that, I
>believe, contained a virus payload. My note did not contain an attachment.
>If you had read my note, you would see the information about the earlier
>note and a URL with information on what I believe to be an infected
>attachment. If you did not receive the note I described, someone did
>you a
>favor and filtered it out. In which case, don't worry about it. While you
>are about it, learn a bit more about how viruses propagate.
>
>And, as I said in that earlier note, it is the nature of this virus that
>Paul Williams does not have it but that he knows someone who does. And, I
>suspect, someone who is on this list.
>
Well, it is not the "nature" of this worm to propagate only via email addresses of people who "know each other." The latest beagle worm searches *mailbox files* as well as address books for email addresses that it spoofs in order to spread. Any address in a mailbox is liable to be lifted for this purpose. And frankly, at this stage of the interent virus/worm evolution, the chances are that the spoofers and the spoofees don't know each other at all.
Unmoderated listservs that permit attachments, as this one does, are
especially vulnerable to the spread of worms in spoofed mail. My own
wish is that the XY list settings be configured to reject attachments
or that a moderator be in place to intercept attachments. If someone
wishes to distribute some code or an attachment, he or she can ask
interested parties to meet off-list to receive it or fetch it from an
FTP site.

good wishes

Peter

~~~~~~~~~~~~~~~~~~~~~~~~~~~
Prof. Peter Knupfer
310 Auditorium Bldg.
Michigan State University
East Lansing, MI 48824
Voice: 517 355 9300
Fax: 517 355 8363
email: knupfer@xxxxxxxx
~~~~~~~~~~~~~~~~~~~~~~~~~~~