How to avoid to spread virus

B

bizarre

New member
Hi
I've just got this from another www forum, thought it could be interesting

As you may know, when/if an email worm virus gets into your computer it heads
>straight for your email address book and sends itself to everyone in
>there, thus infecting all your friends and associates. This trick
>won't keep the virus from getting into your computer, but it will stop
>it from using your address book to spread further, and it will alert
>you to the fact that the worm has gotten into your system.
>
>Here's what you do: first, open your address book and click on "new
>contact" just as you would do if you were adding a new person to your
>list of email addresses. In the window where you would type the
>person's name, type in !000 (that's an exclamation mark followed by 3
>zeros). In the window where it prompts you to enter the new email
>address, type in WormAlert. (If it tells you this is not a valid
>address just say yes to add it, or ok). Then complete everything by
>clicking add, enter, ok, etc.
>
>Now, here's what you've done and why it works: the "name" !000 will be
>placed at the top of your address book as entry #1. This will be where
>the worm will start in an effort to send itself to all your friends.
>But when it tries to send itself to !000, it will be undeliverable
>because of the phony email address you entered (WormAlert). If the
>first attempt fails (which it will because of the phony address), the
>worm goes no further and the people in your address book will not be
>infected.
>
>Here's the second great advantage of this method: if an email cannot
>be delivered, you will be notified of this in your InBox almost
>immediately. Hence, if you ever get an email telling you that an email
>addressed to WormAlert could not be delivered, you know right away
>that you have the worm virus in your system. We can then take steps to
>get rid of it!


bizz
 
Yeah I've heard about something like that. Never tried it though although I guess it wouldn't hurt. I did get infected by a worm one time that used the address book. Got into my aunt's address book and sent phony emails with an attachment. The email mentioned something about pictures I scanned or something. Needless to say I got the email and thought it was actually from my aunt. I downloaded the attachment and tried opening the file. Nothing happened when I clicked, or so I thought. But anyways, when I finally got back online I checked my sent mail and sure enough the email had forwarded itself to other people (people that weren't even in my address book believe it or not). But still this is good advice in hopes of slowing down those nasty worms. hehe
 
Well, here's a completely heretical way to do it- one that works for me. This is not a joke, nor is it a troll, and it'll probably raise a lot of people's blood pressures.

What do I do? I simply discard all attachments, unread. Never even think twice about it.

Seriously. Email should be _text_, period. Attachments are, in general, an complete waste of time, space, and bandwidth. And, if you're unfortunate enough to use a mail program or operating system that has no security at all (a good example of which would be the Microsoft product line), attachments are the primary way for viruses to spread. At my site, all attachments go into the trash, even though only 3 of my machines are non-Unix boxes. I feed all incoming mail to metamail to rip that junk out and keep the text portion intact. The rest never gets a chance to do any damage.

Very bald opinion follows: multimedia mail is in fact a crime against nature. Email was intended as a way to _communicate_, as in with _words_. It was not intended as a way to send blinkylights, flashycolors, wierdball fonts, porno jpgs, HTML blobs, Java jit, and unsolicited ads to your friends. If I need to exchange *data* files with clients or friends, I ftp them back and forth. Email is not secure enough to use for shipping data of any economic interest anyway...

Run a *real* mailserver, run procmail or a similar filter, and simply kill 'em all before they can hurt you. It's been working for me for years! Of course, dinosaur that I am, I've been using computers to communicate for a couple of decades. And my use predates all of this current "click and drool" nonsense. Your mileage may vary- there are probably some folks who'd just feel naked if they couldn't have their blinkylights and flashycolors. But that junk really doesn't help _communicate_, does it?
 
Sounds reasonable, but see this...

http://vil.nai.com/vil/virusSummary.asp?virus_k=99213

For those what don't feel like following links, here's the gist:

The !0000 Hoax is mainly circulating in the Netherlands. The e-mail content contains a "trick" how to prevent/stop mass-mailing routines used by e-mail viruses/worms. Basically the idea mentioned is to use a dummy !0000 e-mail contact address, so without an actual associated e-mail address, which would fail when accessed by a mass-mailer, thus giving the user the option to stop/block the mass-mailing. Now the trick might work for a few viruses, it won't stop the majority of the mass-mailers...

Please don't rely on this "trick", in most cases it won't work, don't forward the e-mail message on to other people- delete it.
Installing the Microsoft patches has better results.
 
well skippy, my blood is boiling now...uh well not really. :) I can see your view of it and also agree. Most attachments I have come across suck anyways, well except the funny ones. hehe. I really receive a lot more attachments than what I send. The latest thing I sent was an mp3 of my music to somebody and I know I haven't sent much myself when it comes to attachments. You talk about blinky lights, flashy colors, lol, you should see my website...very basic, no flash animations or anything too extensive (I've learned from other people that too many pictures and such take it longer to load). So I keep things simple, I'm sure a good portion of my site is nothing but text.
 
Skippy,

not all attachments are multimedia... some are text only too... but those are always dumb forwards and probably not worth reading.
 
The first thing to do should be to get rid of Outlook. Most viruses are geared towards that. Switch to Eudora or some other e-mail app and then get some virus protection.
 
jdechant pointed out that not all attachments are multimedia. Absolutely true. Some mailers are so braindead that they even attach the text of the message itself: the message body proper is empty, and all the content is a multipart/mixed attachment, usually followed by the same thing repeated in HTML, and sometimes followed by yet a third copy in some other wierd format, followed by maybe even more attachments with other wierd stuff in them that probably means something only to one specific mail reader product line. 200Kbytes to say "me too". Argh.

That's why I use metamail to do my attachment stripping. I have it configured such that if the text is an attachment, metamail will convert it and keep it around as defanged straight text in the body of the resulting mail. If it is text in one of the gazillion strange fonts or richtext formats, it converts it to plain-jane ASCII and keeps it. But if it is anything *other* than text, it goes straight to /dev/null without a trace.

Draconian? Yes. But you have to remember that 99% of the use I make of these machines is for my business and my livelihood, and 99% of the people I communicate with via email are clients with very similar technical backgrounds (most of whom are even more dinosaurish than me!). So this works just fine in my context. Your mileage will almost certainly vary.

It's really sad that it has ended up this way. When the MIME standards were first put together, I remember being quite excited that it would prove useful for something, somehow. Oh, well: it's not the first good concept to be killed by bad implementation, and it certainly won't be the last.

Now look what you guys have done: you got me started ranting. I'll shut up now...
 
You must log in or register to reply here.
Back
Top