wirman.gif (7705 bytes)

Off the Wall in Bisbee is glad to bring you,
Ted's virus protection advice

agava.gif (64311 bytes)


Knowledge is the ultimate virus defense:
Learn how your computer works and you'll be much less susceptible to viruses
from an article By Scott Rosenberg

June 16, 1999 | Many viruses hit the headlines -- worm -- is an especially noxious piece of programming: It infects mail servers using a Microsoft proprietary mail system known as MAPI and causes people to receive e-mail messages from trusted colleagues that deliver treacherous file attachments. If you click on the attachment, named "********.exe, or *********.doc.bat, etc" the program will hunt and destroy files on your hard drive in a variety of popular formats (mostly Microsoft Word, Powerpoint and Excel) -- then mail itself out to all your friends and colleagues with your name on it.

In truth, the havoc a virus wreaks derives not from the e-mail message itself but from unsuspecting users double-clicking on that attachment, deceptively named "*********.exe. or *********.bat" A savvy user would know that real zipped (compressed) files end in ".zip," not ".exe" -- the file-name extension for executable programs. In other words, if your friend says he has sent you a zipped file but the file is actually an executable program, that file should go straight to the "delete" bin. (.bat is also an executable file.)

The lesson here remains the same as it's always been: Be extremely suspicious of e-mail attachments; when in doubt, delete; and by no means should you ever double-click on an e-mail attachment whose filename ends in ".exe, .bat" unless you are sure you know what you're doing.

In the end, the best protection remains what it's always been: Knowing what your computer is doing and how it does it -- including such small but vital details as the difference between ".zip" and ".exe."

Quoting an article;

- Getting rid of cybertrash disguised as e-mail is taking more and more resources--
By Christine Tatum CHICAGO TRIBUNE

E-mail is fast becoming more of a nuisance than a convenience.
When in-boxes aren't overflowing with sales pitches and pornography, they're socked with viruses and worms attached to e-mails that can appear to be from co-workers.

The growing glut threatens to force a dramatic change in the free flow of e-mail.

"What was intended for immediate collaboration is quickly on the way to ruin," said John Mozena, co-founder and vice president of the Coalition Against Unsolicited Commercial E-mail. "People are learning the hard way that they can't make themselves so available."

Spammers compound the confusion by using viruses and worms to spread their spoofed sales pitches. The viruses raid electronic address books, where they attach to new e-mail addresses to continue the vicious cycle. That explains why e-mail users sometimes receive out-of-office replies from folks they never contacted.

The vast majority of the spoofed e-mails are from spammers. But because it takes only a few adjustments of computer settings to pull off the spoofs, tech professionals say more people are getting in on the act.

 

BrightMail Inc., a spam-fighting software firm, reported that more than 5.2 million junk e-mails were sent in September, making up roughly 30 percent of all e-mail correspondence.

According to Jupiter Research, the average amount of spam received per user has nearly doubled, to 6.2 from 3.7 e-mails per day. By 2007, Jupiter predicts, the average e-mail user will be exposed to more than 3,900 spam messages annually - more than 10 a day.

Fighting the cybercrud is costly and time-consuming. Consumers pay Internet service providers about $2 a month to stem the flow. And if 100 workers receive only five junk e-mails a day and spend five seconds reviewing each one, an employer will lose 10.5 days a year in productivity.

"A lot of ordinary computer users and network administrators need to take a long, hard look at themselves," he said. "At a certain point, their negligence is just as much a part of the problem."

Too many businesses practice poor Web hygiene and don't ensure that servers are properly configured. As a result, tech support professionals are making hundreds of dollars a day by doing work on Internet servers that is equivalent to flipping a light switch.

"People set up these things in the gung-ho days of the Internet when a lot of people really didn't know what they were doing," said James Placer, a senior network engineer and security analyst for Interactive Business Systems Inc. in Oak Brook. "And then they just sort of forgot to go back and make necessary changes."

Placer and Ellison say that a significant amount of spam would disappear overnight if businesses inspected every server and closed all the "open relays" that permit outsiders to use the server.

"If all of those relays were closed, everyone who wants to send spam would need to go out and buy their own server," Ellison said.

Once upon a time, Web users could tap into a stranger's network for help transmitting data. Server manufacturers encouraged the global sharing by selling machines with relay connections open by default. But when spammers hit the scene, looking for networks to exploit, the need for stringent clampdowns quickly became apparent.

Server manufacturers are just now starting to make an effort to remedy their unwitting contribution to the spam problem. Microsoft's Exchange 2000 comes with the relays open. But the version due next year, Titanium, will be provided with closed relays by default.

Spammers also take advantage of software glitches and viruses that few computer users bother to fix. Though fixes can be downloaded easily from Microsoft and Symantec's Web sites, a relatively new virus - W32.Bugbear - is expected to plague computers well into next year.

"Installing software without ever updating it or (tightening) the security of it when problems are announced is like running a toxic waste dump in a neighborhood," Mozena said.

Even network administrators fall down on the job.

Form Mail, a Web server script popular with businesses wanting to glean feedback from customers online, generates e-mail response forms. It has been downloaded more than 2 million times and plunked into corporate Web sites, where, until recently, it was largely forgotten.

In the last six months, Ellison said spammers have aggressively used a hole in the Form Mail software to distribute messages through Web servers. As a result, even more unwanted e-mail messages are getting through to personal inboxes.

Thanks for the article.

 

Off the Wall in Bisbee recommends the use of :
Norton AntiVirus© 1994-2001 Symantec Corporation.
Which we have found to be much more reliable than McAfee for example.
We recommend "Tiny Personal Firewall" which is free for home use; however it may not work with all computers.  Recently we discovered www.Zonelabs.com who offer a free firewall download.
The software will let you know who wants to look at your PC and let you deny them access.
You can obtain more information on many subjects including "Viruses" by searching at http://www.snopes2.com/

Return to Ted's Mail list

07/30/07