[65654] in North American Network Operators' Group
RE: new nasty email virus trick to bypass scanners
daemon@ATHENA.MIT.EDU (Henry Linneweh)
Thu Dec 4 12:52:51 2003
Date: Thu, 4 Dec 2003 09:52:10 -0800 (PST)
From: Henry Linneweh <hrlinneweh@sbcglobal.net>
To: Priyantha <priyantha@wightman.ca>,
'Mike Tancsa' <mike@sentex.net>,
'Jamie Reid' <Jamie.Reid@mbs.gov.on.ca>, nanog@nanog.org
In-Reply-To: <001f01c3ba7d$fd3bd120$8e15a8c0@norm>
Errors-To: owner-nanog-outgoing@merit.edu
--0-2110992348-1070560330=:10577
Content-Type: text/plain; charset=us-ascii
It takes a good combination of both ISP and end user to fight spam, I have a tool
in this editor for reading msg that allows me to tag a spammer and block the '
user@host that gets by the isp scan tool.
Common sense, in these times shows you to not open emails from strangers
especially with *.zip files unless they are coming from a known party based on
some kind of dialog prior to it being sent and received.
-Henry
Priyantha <priyantha@wightman.ca> wrote:
> At 09:53 PM 03/12/2003, Jamie Reid wrote:
>
> The other thing that worries me is that those who rely on
> their ISP to scan
> for viruses, a false sense of security can come into play.
> In the case of
> these types of email viruses, the user might think the file
> is OK because
> it was scanned.
The AVScanner should indicate that the file couldn't scan because it is
password protected and hence opening the file may be risky.
Priyantha
--0-2110992348-1070560330=:10577
Content-Type: text/html; charset=us-ascii
<DIV>
<DIV>It takes a good combination of both ISP and end user to fight spam, I have a tool</DIV>
<DIV>in this editor for reading msg that allows me to tag a spammer and block the '</DIV>
<DIV><A href="mailto:user@host">user@host</A> that gets by the isp scan tool.</DIV>
<DIV> </DIV>
<DIV>Common sense, in these times shows you to not open emails from strangers</DIV>
<DIV>especially with *.zip files unless they are coming from a known party based on</DIV>
<DIV>some kind of dialog prior to it being sent and received.</DIV>
<DIV> </DIV>
<DIV>-Henry<BR><BR><B><I>Priyantha <priyantha@wightman.ca></I></B> wrote:</DIV>
<BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid"><BR>> At 09:53 PM 03/12/2003, Jamie Reid wrote:<BR>> <BR>> The other thing that worries me is that those who rely on <BR>> their ISP to scan <BR>> for viruses, a false sense of security can come into play. <BR>> In the case of <BR>> these types of email viruses, the user might think the file <BR>> is OK because <BR>> it was scanned.<BR><BR>The AVScanner should indicate that the file couldn't scan because it is<BR>password protected and hence opening the file may be risky.<BR><BR>Priyantha<BR></BLOCKQUOTE></DIV>
--0-2110992348-1070560330=:10577--
