[Groop] OT: Long Virus stuff

Charles L. Klein CKlein at mn.rr.com
Mon Jan 19 15:40:24 PST 2004 

Geez, don't even mention Sygate Personal Firewall when it's been rated the
best several times... it's what I use.  I hadn't heard of Kerio before, but
it's always good to know a new one.

Also, I use Mail Washer for spam (someone on the Groop mentioned it a while
ago).  Some people don't like that it's a separate step, but I don't mind.

Good information, though, and lots of it!  You must be either a computer
person (job) or someone who really is into them.

You'd probably appreciate this link for utilities as well, there's even a
free virus scanner listed:
<http://www.techsupportalert.com/best_free_utilities.htm>

Charles

-----Original Message-----
From: groop-bounces at groo.com [mailto:groop-bounces at groo.com]On Behalf Of
Scott
Sent: Monday, January 19, 2004 4:31 PM
To: groop at groo.com
Cc: groop at groo.com
Subject: [Groop] OT: Long Virus stuff


Its hard to tell how the virus got on your system, there is no one answer.
You
or someone else on your computer might have activated it, or it might have
been
triggered on its own. (There is no answer at the bottom of this long email
either, just more explaining on what might have happened and some tips)

While the virus writers are getting smarter at spreading their pollution,
Microsoft is making it easier for them to do this because users want
computers
to be easier. Outlook is now doing more "for" you to make email easier or
more
enjoyable. It will auto open attachments, display html with all those pretty
fonts and pictures, run scripts, all with out you needing to do anything.
The
virus just has to show up as something Outlook recognizes and it will run
the
script for you. Since Microsoft is 90% or more of the computers out there,
most
viruses are written to attack MS products (Windows, Office, Outlook). One
thing
to make yourself less vulnerable is to get non Microsoft stuff, a virus can
load
on your computer and spit out emails with out you knowing it, not showing up
in
your outbox. The virus could also enter your computer thru other means, that
joke someone sent out had a backdoor virus, an exploit in windows (if you
have
not ran the windows update in the last month), am infected word document or
powerpoint came in and spread to your system. Eudora is not as vulnerable to
a
virus attack, but it still has its holes. TheBat has not had a virus effect
them
yet.

Attachments: More and more of them are becoming "live code" to easy. A
script,
bat file, exe, com, these all will do something.
Word/Excel/Powerpoint/Outlook
now have build in macro functions so when they open, they can infect your
computer. So what is safe? Jpg and Gif files?? Not really (anymore). There
was a
new "proof of concept" done showing that an HTML virus with a java script
intentionally mislabeled as picture.jpg, when opened with Internet Explorer,
will infect a computer. IE expects a JPG file and reads it, sees the HTML
header
and starts to process it as an HTML file, then runs the scripts with in and
POW
you are ZAPPED. (do not know if a virus is out that does that yet) That fix
is
do not use Internet Explorer to view GIF and JPG pictures, use something
that
does not understand HTML to view your pictures (and that is getting more
rare to
find).
A virus can find its way on to your computer then send out an email with
your
email address that includes an infected attachment, then we see its from you
and
trust you do not send out bad stuff and we open it. Another email can get
into
YOUR computer, spoof the address by picking an address (John Doe) out of
your
email address book, send from your computer a virus attachment to Jane Smith
from John Doe, then John Doe gets all the flack for sending out a virus
email
when your computer is really the one doing it. Its now to the point where
you
almost have to ignore any attachment.

Your computer should be protected with:
     - a software firewall (yes, even if you have a NAT router)
         zone alarm - www.zonelabs.com (free and pro versions)
         kerio - http://www.kerio.com/kpf_home.html (free and pro versions)
         Norton Internet Security -
http://www.symantec.com/sabu/nis/nis_pe/index.html
         Mcafee - http://us.mcafee.com/root/catalog.asp

     - antivirus programs (weekly updates)
         Norton - http://www.symantec.com/nav/nav_9xnt/
         Mcafee - http://us.mcafee.com/root/catalog.asp
         AVG -  http://www.grisoft.com/us/us_index.php (free)
         House call - http://housecall.antivirus.com/ (free)

     - anti spam program
         Popfile - http://popfile.sourceforge.net/ (free)
         Spam Pal - http://www.spampal.org/
         Norton Internet Security -
http://www.symantec.com/sabu/nis/nis_pe/index.html

     - anti spyware program (if you have not ran one of these, I bet you
have
     over 100 spying programs/cookies on your system if not more)
         Adware - http://www.lavasoftusa.com/
         Pest Patrol - http://www.pestpatrol.com/

There are now tons of email programs out there and more on the way.  Outlook
Express is free with IE, Outlook comes with Office.  You can also get
Eudora,
Agent(http://www.forteinc.com), TheBat (http://www.ritlabs.com/en/), or tons
of
others.

IF you have broadband (cable or dsl) then I strongly recommend you get a NAT
Router. Linksys (http://www.linksys.com/edu/) and Netgear
(http://www.netgear.com) make some nice ones for under $50 that will allow
you
to plug in 4 or more computers into a hub, or under $70 to get wireless as
well.
These routers will help protect your computer on the internet. I have not
seen
an ISP yet that does not support these (I hear they are out there, just have
not
seen one) and whats nice is with this router, you do not have to use any of
the
ISP software or special plugins. Network Address Translation (NAT)
Technology -
Prevents hackers from seeing (and attacking) your network address while
you're
surfing the web.

SO, this is whats safe?  Nope, even these will come under attack with time.
(http://kbserver.netgear.com/kb_web_files/n101208.asp)

86 lines of email later, there is no answer.  Once I give you the answer, it
will not apply to the next virus.  Run your Windows, Antivirus, Antispam,
Antispy, Router updates regularly.

The internet is still in its "wild west" phase where anything goes, changes
are
on the horizon to change that, but also watch some of your freedoms go with
it
also, you and your dog won't get to wander the lands for free anymore.

_______________________________________________
Groop mailing list
Groop at groo.com
http://mailman.newdream.net/mailman/listinfo.cgi/groop

More information about the Groop mailing list