
Fwd: Re: Mark Gilks attachment




John sent the following from an address not currently on the list.
I thought it worth passing on; please direct any comments to John,
at the Reply-to address, or the list, not to me.
-- 
jimo@xxxxxxxxxx
maintainer of the omega list
omega-list-request@xxxxxxxxxx

-------------forwarded msg:--------------------
>Message-ID: <004101c17abc$42aa9380$da508a90@xxxx>
>From: "John Lynch" <kiwi_trader@xxxxxxxxxxxx>
>To: "Fred" <srqblue@xxxxxxxx>, "jpaladin" <jpaladin@xxxxxxxxxxx>
>Cc: omega-list@xxxxxxxxxx
>Subject: Re: Mark Gilks attachment - Badtrans virus

Mark didn't deliberately infect anyone.

If you read the description of Badtrans you find that it is sent to email
addresses from a variety of places on your PC.  The most insulting one is
that it looks for unread emails and sends to those addresses.  This suggests
that Mark may not have read your email (lol) but not that he was malicious.

It also "prevents" you warning the person who sent it to you by
"Additionally, the sender's email address will have the "_" character
prepended to it, to prevent replying to infected mails to warn the sender
(eg user@xxxxxxxxxxx becomes _user@xxxxxxxxxxx)."


On the Eudora/Pegasus/Outlook Express argument I'd offer an opinion.  If
you were sent BT then all you had to do was save the attachment to disk and
then check it with your virus checker (after updating it to recognize BT).
The key behaviour is "Never ever ever ever open an attachment from someone
you don't know and trust to send things to you".  I use Outlook Express for
most of my mail but use Pegasus for my children's mail (supports multiple
users really well) and also have used Eudora in a variety of iterations.

I'm still using Outlook Express because it has great features in its free
version (unlike Eudora which is a little crippled).  My kids now prefer
Pegasus which is an excellent free mail client (better features than most
paid clients) but I'm used to OE (getting old).

On virus checkers you should avoid McAfee and Norton/Symantec (that should
bring a response).  The reason I recommend you avoid them is that all good
(???) virus writers test against the current versions of M & N before
releasing the viruses into the wild.  If you use them you must update every
week or so ... alternatives include InoculateIT and F-Secure.
See http://cws.internet.com/virus.html

A good description of badtrans is at:

http://securityresponse.symantec.com/avcenter/venc/data/w32.badtrans.b@xxxxxml

This also provides info on manual removal.

John


----- Original Message -----
From: "Fred" <srqblue@xxxxxxxx>
To: "jpaladin" <jpaladin@xxxxxxxxxxx>
Cc: <omega-list@xxxxxxxxxx>
Sent: Saturday, December 01, 2001 9:04 AM
Subject: Re: Mark Gilks attachment - Badtrans virus


On Fri, 30 Nov 2001 13:04:45 -0800, jpaladin <jpaladin@xxxxxxxxxxx>
wrote:

> So, now, how do we get Mark banned from the list for
>intentionally sending viruses?
>
>Sincerely,
>John

I received the infected email from Mark Gilks as well.  Last I heard
from him prior to this current email was his post to this list on
10/30/2000 giving an ELA for Stoller bands.

I was unable to determine his intent from the email infected with the
badtrans virus.  Could you tell me how to do this?

Fred


"Success is the only test of genius" -R.Adm Daniel Gallery 1901-1977