Theiling Online    Sitemap    Conlang Mailing List HQ   

Virus guidelines (was: WARNING)

From:Lars Henrik Mathiesen <thorinn@...>
Date:Thursday, May 31, 2001, 6:24
> Date: Thu, 31 May 2001 00:05:06 EDT > From: Elliott Lash <AL260@...> > > :( :( :( I'm really sorry if I caused you any problems *big fowns* > you have my permission to do something really bad to me... :( :( (In > the future, I think I'll try to figure these things out on my own, > rather than submitting such things to the list..tho I was trying to > help) again...*sadness* :(
Here's my professional advice. Whenever you get a virus warning, or see a suspicious email: If you're running Windows, first check your inbox and outbox --- if you already have much more mail than usual (which is of course hard to determine if you subscribe to high-volume lists like this), or there's tens of mails in the out queue that you didn't put there, take your machine offline AT ONCE so it doesn't propagate. Turning off the modem or removing the Ethernet cable is often fastest. Otherwise, go look it up before doing anything. Let me recommend Google again as the fastest way of finding most anything on the net. I just typed "SULFNBK.EXE virus", and the first link was Symantec's page about the hoax. (If you had to turn off the network, see if you can find another computer to do it from, that doesn't run a mail program on boot --- otherwise, try and turn off your own mail program before reconnecting to check. If it's a real virus, don't stay online until you get it fixed). If you do feel that you have to send out warnings, just send a pointer to a page at some anti-virus site. Don't copy out the instructions, they might change on the site, or mutate when your mail is resent. General safety rules: Install antivirus software if you can afford it. Update the virus definitions at least once a week, and remember to check the relevant web page for updated 'engine' versions --- when the virus authors invent new methods to hide them, it's often not possible to write a definition that works without extra support code. Never ever open an attachment anyway, unless you know what it is, why it was sent to you. Check that it was sent to you specifically. If it's from someone who normally sends you stuff, check that the text actually refers to some activity you have together, and is coherent. Coherency is important now, there's a real virus called Magistr going round that picks a subject line, a paragraph of text and a file name from some random file on the sender's hard disk. So even if it uses a lot of familiar words and spellings, it can still be a virus. (In fact that's how this SULFNBK.EXE hoax seems to have started: Someone got Magistr, which disguised itself under that name, but they didn't identify it correctly. And when antivirus programs didn't find a virus in that file on uninfected machines (because there wasn't any), someone else added the 'not a virus until June 1' thing. Which is nonsense --- if there was such a thing, it wouldn't be spreading itself until tomorrow. By definition, if it spreads, it's a virus, and sooner or later it will be detected by antivirus software). Or alternatively, run FreeBSD like I do. Noone writes viruses for this platform. (Linux is good too in that respect, but I'm sure someone will find a way to do it soon. The Mac is also an unpopular target). Lars Mathiesen (U of Copenhagen CS Dep) <thorinn@...> (Humour NOT marked)