John E Jewkes-AAA0OR-AAA0ID wrote: > Virus W32.Klez.H@mm was found. > > So, How do I stop it? You cannot effectively stop it, because of the way Klez works. Klez is a 3-way virus. Consider the 3 people Alice, Bob, and John :) Alice knows both Bob and John. Alice gets infected with Klez. Klez looks in Alice's address book, and finds e-mail addresses for both Bob and John. Klez sends an e-mail to Bob, but forges the headers so as to claim to have been sent by John. If Bob's admin or virus filter software is not thinking about it very carefully, they send their complaints to John. There is no way to avoid this problem, other than to absolutely refulse to associate with Windows users, because Klez can only infect Windows. And this completely fails if you ever post to a public list (such as CRIME) because you end up in Klez's cross-hairs if an invected victim just browses a web page that displays your post. Crispin, who thinks it should be an offense for Federal or State employees to deploy Windows systems -- Crispin Cowan, Ph.D. Chief Scientist, WireX http://wirex.com/~crispin/ Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html
This archive was generated by hypermail 2b30 : Sat Sep 14 2002 - 13:43:54 PDT