[Date Prev][Date Next][Subject Prev][Subject Next][ Date Index][ Subject Index]

Re: virus warnig



Probably all of you know about grafs two and three of this e-mail, but just
in case ...

I have a web site, and I used to have a link on the home page on which a
visitor could click in order to send me an e-mail. Hackers scanning the
Internet could pick this up, so I was getting two or three viruses a week
through that e-mail address. (The cleverest was very good. When you send an
e-mail to a defunct address, it is sent back to you in a cannot deliver
message. One virus transmission copied what those messages look like.) So,
now I have an explanation on my home page about how to e-mail to me, but
there is no link. The viruses have stopped.

However, the Bugbear -- or is it the Klez, or both? -- virus is clever
because it scrambles the sender's e-mail address, so you can have it on your
machine, not know, and it is going out to everyone in your address book, and
they cannot warn you that you have it.

One way supposedly to circumnavigate this is to start your address book with
a rogue address like !00000. When the virus tries to send to that address,
an error message will appear because it is an impossible address.

Anyway, now to the original question. I approve of open access, agreeing
with Carl that we must not affect our way of life because of terrorists,
Internet or otherwise. However, what is the point of someone posting if he
will not see the replies because he isn't a subscriber? So, maybe
restricting access to subscribers isn't so "unopen" in this instance.

Phillip Alder







----- Original Message -----
From: Carl Distefano 
To: XyWrite List 
Sent: Wednesday, October 23, 2002 2:02 AM
Subject: RE: virus warnig


>
> Reply to note from "Brian Henderson"  Tue,
> 22 Oct 2002 19:39:48 -0700
>
> > don't people have to be a member to post to the group? How are
> > they getting in? Have these recent attacks all been the kind
> > that use the address book on an infected machine (so that a
> > legit member is an unwitting proxy)? Or is it possible to hack
> > into the list- server and send to whatever list one wishes?
>
> This has always been an open list, meaning that anyone can post.
> Only subscribers receive copies of posted messages.
>
> At least one recent viral message came from a non-subscriber address
> (probably unbeknownst to the owner of that address, which appears to
> be a legitimate company); others seem to have originated from
> subscribers, though their addresses may have been spoofed. My
> impression -- I've never done the math -- is that most infected
> messages emanate from (unwitting) subscribers.
>
> By sending a simple command to the list processor, I can make the
> list "subscribers only". That would exclude posts, legitimate and
> otherwise, sent from e-mail addresses not appearing on the list of
> subscribers. The question is, would the additional safety be worth
> the diminished accessibility?
>
> On the one side, accessibility may be overrated. The real value of
> this list lies in taking out a subscription, because that's the only
> way a poster is guaranteed to be able to read all responses to his
> or her query (the alternative -- dicey -- being to ask respondents
> to send replies to the sender's private address), and the only
> effective way to take part in the ongoing dialogue. What's more,
> the burden of subscribing is minimal. On the other side is the fact
> that any gain in security would be slight at best. No one could
> relax. Everyone would still have to take exactly the same
> precautions against viruses as we do now, because infected messages
> could still originate with a subscriber or someone posing as a
> subscriber. To do otherwise would be to indulge a false sense of
> security. And then there's the principle -- weighty, in my view --
> that to do anything other than keep the list as open and accessible
> as possible is to capitulate to the miscreants who propagate these
> destructive messages.
>
> On balance, I lean toward openness. But maybe openness is an
> anachronism in this parlous age. If the weight of subscriber
> opinion favors excluding posts from non-subscribers, I'll send the
> command. Note well that this step, if taken, would not close the
> list to anyone or turn it into a moderated list. Anyone could still
> subscribe and post. The only difference would be that subscribing
> would become a prerequisite to posting.
>
> What do you say?
>
> --
> Carl Distefano
> cld@xxxxxxxxxx
> http://users.datarealm.com/xywwweb/