[wplug] A virus among us?

Phil Walther, Jr. philjr at attglobal.net
Mon Sep 16 11:23:08 EDT 2002


If you view the Return-Path (not the reply to) part of the header, you will
see where it came from.  I receive about 5-10 KLEZ infected mails every day.
When I receive these, I forward an advisory with the original header as part
of the e-mail to the return path sender and cc abuse and postmaster at the
originating domain.

Since I have to use M$ Outlook (well don't have to), I use a virus scanner
that has the outlook plugins and does incoming scans of files, web elements,
etc.  For Win systems, Norton and McAfee are tops, and there are a few other
lesser know ones that do just as good a job.  McAfee has a nice option
called HAWK, where it'll flag you if multiple mails are "spamming" out your
mail client.

-----Original Message-----
From: wplug-admin at wplug.org [mailto:wplug-admin at wplug.org]On Behalf Of
Mark Dalrymple
Sent: Monday, September 16, 2002 11:01 AM
To: wplug at wplug.org
Subject: Re: [wplug] A virus amoung us?


> The latest
> one, received on Saturday, had "cellspacing" as the subject line and was
> returned to me from markd at badgertronics.com.

Remember that the klez viruses use random from and to addresses, and that
it scrapes them from the browser cache in addition to the address books.
I am markd at badgertronics.com, and I have zero (none, zip, nada) windows
systems, so it could not come from me.


If ya have any questions or concerns, feel free to drop me a line
directly (or hang out in #wplug)

Cheers,
++Mark Dalrymple, markd at badgertronics.com.  http://badgertronics.com
  "If a Trinitron monitor can make Windows look somewhat elegant
   then I say that is ONE HELL OF A MONITOR." -- Michael O'Neil
_______________________________________________
wplug mailing list
wplug at wplug.org
http://www.wplug.org/mailman/listinfo/wplug




More information about the wplug mailing list