[plug] Here to find out more!
Craig Ringer
craig at postnewspapers.com.au
Sat Aug 17 00:47:06 WST 2002
>
>
>I have just received another email from the list that contains a virus, this
>email appears to have been posted by <chrisg at doladns.dola.wa.gov.au>,
>
Its klez, so its not important who it appears to be from. Klez spoofs
the From: address to appear to be from a random address selected from
the address book of the user. So all that tells us is that the infected
machine has both "plug at plug.linux.org.au" and
"chrisg at doladns.dola.wa.gov.au" in its address book.
>There was also an attachment to this email named 'B962197' and according to
>my virus scanner it contained the 'W32/Klez.h at MM' virus.
>
Yay. Klez. Just when you think its gone away....
then again I'm _still_ getting Nimidia hits from some japanese primary
school www-server with a broken contact email *arrggh*.
>Could somebody please explain to me 'What is happening here ?'
>
Most likely somebody who is subscribed to plug (since we don't allow
un-subscribed posts, yes?) has a machine infected by klez. Nothing
special. Reading PLUG doesn't mean you have to use linux (though having
X-Mailer: Microsoft Outlook Express might get you laughed out unless
you're writing from a braindead workplace). It really isn't
spectactular, and virus filtering lists is not going to be practical
unless/until there's _free_ _quality_ anti-virus software available.
> I may be wrong but I don't think this is a good way to get poeple to
> change over to Linux.
Pfft. Every mailing list that doesn't have some kind of virus scanning
available will have this problem, and one could argue that most of this
list's readers will be at much less risk than usual because they'll (a)
NOT use MS outlook express or use it with completely up-to-date virus
scanning (b) quite likely not use windows at all.
Don't stress about it. Don't use outlook or outlook express, or don't
use windows. If you must use windows, and _especially_ if you must use
Outlook (express) get a good virus scanner and keep it up to date.
Clearly you have at least a vaguely decent one given that you posted
this, not "arrggh email from plug ate my machine". Though any virus
scanner w/o detection of Klez can be considered utterly broken so its
not saying much that it found this. Anyway, there's nothing to be done
but take sensible precautions, understand that there's no effective way
to prevent this, and not stress.
Craig Ringer
More information about the plug
mailing list