Re: CRIME FW: [Ccbig] 'Hi' Virus. Be Vigilant!

From: Robert Martin (robert@martin-iti.com)
Date: Wed Dec 05 2001 - 13:01:00 PST

Next message: George Heuston: "CRIME FW: NIPC Daily Report, 5 December 2001"

Previous message: Sarah Mocas: "CRIME WITS '02 Call for Participation (fwd)"
In reply to: Steve Nichols: "RE: CRIME FW: [Ccbig] 'Hi' Virus. Be Vigilant!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Pardon the product plug here, but that's why I like mcafee for our 
office (I don't know if this feature is part of other virus protection). 
ActiveShield pops a window up in their face and tells them that there is 
an update available, and can be set to update at a time when the machine 
is idle.

rob

On Wednesday, December 5, 2001, at 11:30 AM, Steve Nichols wrote:

> We are an ISP as well.
> I tried to implement a filter very similar to Wil's. However, our users 
> went
> ape shit.
> So I just filter our office traffic.
> You would not believe how many users add our accounts or help alias to 
> their
> address book.
> We get hundreds of infected e-mail's daily.
> We send out a weekly usage report as well, and get a ton of "viri" via 
> RE:
>
> I think it's safe to say that we have had over 500 calls in the last two
> weeks regarding virus's.
> It is AMAZING how many people install virus protection and say " you 
> mean I
> have to update it?"
> " I got the virus?, But I have NAV, how is that possible?"
> " When was the last time you updated it?"
> " I have to update it?"
>
>
> AAAAAAAAAAARRRRRRRRRGGGGGGGGHHHHHHHHHH!!!!!!!!!!
>
> Steve Nichols
> Internet Manager/Network And Systems Administrator
>
>
>                    VALLEY INTERNET COMPANY
>                 1709 NE 27th Street, Suite C
>                   McMinnville, Oregon 97128
>            503-565-5030 or 800-909-9078 (toll-free)
>      "Pay no attention to the folks behind the curtain..."
>    PGP: www.viclink.com/~steven/steven.nichols.pgp.txt
>
> -----Original Message-----
> From: owner-crime@/var/spool/majordomo/lists/crime
> [mailto:owner-crime@/var/spool/majordomo/lists/crime]On Behalf Of Wil
> Cooley
> Sent: Wednesday, December 05, 2001 9:53 AM
> To: Kuo, Jimmy
> Cc: crime@private
> Subject: Re: CRIME FW: [Ccbig] 'Hi' Virus. Be Vigilant!
>
>
> Also Sprach Kuo, Jimmy:
>> I don't understand why my alert hasn't shown up yet.
>>
>> And can anyone tell me, who undertook to block .SCR files after my
>> presentation at the last meeting?
>
> I am:
>
> :0 BH
> *
> ^Content-(Type|Disposition):.*$?.*name=".*\.(scr|pif|dll|exe|com|lnk|bat|
> vbs
> |386|cpl|drv|sys|vb|vbe|vxd)"
> {
> 	:0 f
> 	| formail -A "$FILTMSG Illegal extension, sent to quarantine"
>
> 	:0
> 	! ${JAIL}
> }
>
> I'm just an ISP, so I can't filter too much; people expect to be
> able to pass lots of crap through and they're not really paying for
> enhanced security.  As it is, I'm catching lots of greeting cards
> and crap like that with the .exe.
>
> Wil
> --
> W. Reilly Cooley                           wcooley@private
> Naked Ape Consulting                        http://nakedape.cc
> irc.linux.com                             #orlug,#pdxlug,#lnxs
>
> "There was a vague, unpleasant manginess about his appearence; he 
> somehow
> seemed dirty, though a close glance showed him as carefully shaven as an
> actor, and clad in immaculate linen."
> -- H.L. Mencken, on the death of William Jennings Bryan
>
>
>

Next message: George Heuston: "CRIME FW: NIPC Daily Report, 5 December 2001"
Previous message: Sarah Mocas: "CRIME WITS '02 Call for Participation (fwd)"
In reply to: Steve Nichols: "RE: CRIME FW: [Ccbig] 'Hi' Virus. Be Vigilant!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:36:45 PDT