At 11:32 PM 7/21/2001 +0000, John A. Lind wrote:
>All file OM list email file attachments I've received for some time are zero
>bytes in size and are therefore benign (they don't trigger McAfee AV either;
>the same attachments from other sources do). I believe the list has been set
>up to truncate them to zero.
>
>BTW, I am _also_ running Zone Alarm at maximum security as a firewall. To the
>rest of the internet I do not exist if probed, pinged or otherwise queried.
>My machine simply ignores the low level request with zero response. It is
>truly amazing the frequency of port probing and other shenanigans that go on
>at a low level most users _never_ see. I have it set up to change _any_
>inbound email file attachment that has _any_ Windoze executable file extension
>to a benign non-executable one. Trapped two viruses attached to non-list
>emails today alone.
I highly recommend Zone Alarm -- it's even better than Black Ice Defender
(which is pretty good, but doesn't block *outgoing* stuff that's been activated
without your knowledge). ZA blocks everything until it's gotten your OK, asks
you about everything, and sets up exclusion/inclusion rules based on your
responses to its queries (so it doesn't keep asking you about the same stuff
all the time, but will continue to monitor for new/unusual stuff). ZA Pro is
even better! (ZA is free -- ZA Pro costs money.)
You can find ZA and ZA Pro at:
http://www.zonelabs.com/
Also, update all your antivirus software. The new "SirCam" virus is now only
six days old, and I've received it from half a dozen different people I don't
know. In all cases, ZA Pro automatically caught the virus and re-named it to a
non-executable form, allowing me to examine it at my leisure and then delete
it. My antivirus software wasn't able to identify the virus AT ALL until I'd
updated the antivirus DAT and engine (and I'd performed both of those actions
just a week earlier!).
If you run either a cable modem or some form of always-on DSL, you're a target.
I also sit behind a NAT, so there's no direct routing between me and the
larger Internet, but that doesn't stop payloads from incoming e-mail.
Protect your 'puter! Practise safe SEX (Software EXchange)! ;-)
Garth
< This message was delivered via the Olympus Mailing List >
< For questions, mailto:owner-olympus@xxxxxxxxxxxxxxx >
< Web Page: http://Zuiko.sls.bc.ca/swright/olympuslist.html >
|