Re: Mark Gilks attachment - Badtrans virus



John, I addressed this in my e-mail to Mike but here it is again for you.
Plus, the link you posted for the virus is a non-working page at Symantec.
Here is the correct link:
http://securityresponse.symantec.com/avcenter/venc/data/w32.badtrans.gen@xx.html

Here is my response to you:

The virus that attacked the systems of a number of members of this list was
not the "silent" type. Mark Gilks should have been keenly aware that the
virus existed on his hard drive because the virus actually tells you that it
has damaged your hard drive!! And, in order for the virus to work its damage
to other drives, it has to execute your e-mail software, i.e. Outlook, and
then make a network or dial-up connection so that it can send the infected
e-mails.

So, the question is, where the hell is Mark?!! What was he busy doing while
his system was used as an instrument to attack other computers? At the very
least there's a dereliction in duty to protect other users, and at worst, he
may have knowingly passed it along. My perspective is that if you infect
other systems and don't know that your system is the culprit, then you are
not capable of using that tool properly and should get some help or stop
using it but at least get banned from Omega List and other forums where you
could cause further damage. Additionally, if you are using your system
purposely to infect other systems, you should be arrested, but at least
banned from Omega List and other forums where you could cause damage.

Hence, my calls for banishment for Mr. Gilks. I hope that clears up any
confusion and effectively states my point of view.

Sincerely,
John



Sent: Saturday, December 01, 2001 3:02 PM
Subject: Re: Mark Gilks attachment - Badtrans virus


> Mark didn't deliberately infect anyone.
>
> If you read the description of Badtrans you find that it is sent to email
> addresses from a variety of places on your PC.  The most insulting one is
> that it looks for unread emails and sends to those addresses.  This
> suggests that Mark may not have read your email (lol) but not that he was
> malicious.
>
> It also "prevents" you warning the person who sent it to you by
> "Additionally, the sender's email address will have the "_" character
> prepended to it, to prevent replying to infected mails to warn the sender
> (eg user@xxxxxxxxxxx becomes _user@xxxxxxxxxxx)."
>
>
> On the Eudora/Pegasus/Outlook Express argument I'd offer an opinion.  If
> you were sent BT then all you had to do was save the attachment to disk
> and then check it with your virus checker (after updating it to recognize
> BT).  The key behaviour is "Never ever ever ever open an attachment from
> someone you don't know and trust to send things to you".  I use Outlook
> Express for most of my mail but use Pegasus for my children's mail
> (supports multiple users really well) and also have used Eudora in a
> variety of iterations.
>
> I'm still using Outlook Express because it has great features in its free
> version (unlike Eudora which is a little crippled).  My kids now prefer
> Pegasus which is an excellent free mail client (better features than most
> paid clients) but I'm used to OE (getting old).
>
> On virus checkers you should avoid McAfee and Norton/Symantec (that should
> bring a response).  The reason I recommend you avoid them is that all good
> (???) virus writers test against the current versions of M & N before
> releasing the viruses into the wild.  If you use them you must update
> every week or so ... alternatives include InoculateIT and F-Secure.
> See http://cws.internet.com/virus.html
>
> A good description of badtrans is at:
>
> http://securityresponse.symantec.com/avcenter/venc/data/w32.badtrans.b@xxxxxml
>
> This also provides info on manual removal.
>
> John
>
>
> ----- Original Message -----
> From: "Fred" <srqblue@xxxxxxxx>
> To: "jpaladin" <jpaladin@xxxxxxxxxxx>
> Cc: <omega-list@xxxxxxxxxx>
> Sent: Saturday, December 01, 2001 9:04 AM
> Subject: Re: Mark Gilks attachment - Badtrans virus
>
>
> On Fri, 30 Nov 2001 13:04:45 -0800, jpaladin <jpaladin@xxxxxxxxxxx>
> wrote:
>
> > So, now, how do we get Mark banned from the list for
> >intentionally sending viruses?
> >
> >Sincerely,
> >John
>
> I received the infected email from Mark Gilks as well.  Last I heard
> from him prior to this current email was his post to this list on
> 10/30/2000 giving an ELA for Stoller bands.
>
> I was unable to determine his intent from the email infected with the
> badtrans virus.  Could you tell me how to do this?
>
> Fred
>
>
> "Success is the only test of genius" -R.Adm Daniel Gallery 1901-1977
>
>