[Dshield] Password protected Bagle.F

jayjwa jayjwa at atr2.ath.cx
Wed Mar 3 20:51:46 GMT 2004

On Tue, 2 Mar 2004, Jon R. Kibler wrote:

> If we receive an email with an attachment, we quarantine the attachmen

> A notification is also sent to our mail admin who
> will hopefully have a chance to examine the attachment before someone
> decides to open it.

So the mail admin is in the habit of rooting thru people's mail? (I'm
assuming you'll say this is a business setting and that the user has
no rights to privacy, but I simply wish to understand better what is
occurring - I'm not condemning anyone.)
I've not yet received the passwd'ed viruses yet. Being how I have 14 more
mails to read thru though, it may turn up. When I heard this I couldn't
believe it: a passworded virus? What does it say to the user? "Dear Mr/Mrs.
User; Hi! I'm your new virus, please enter my password so that I can
execute. If you don't enter it correctly, I won't be able to infect your
system. Thanks, Sincerely, Bagle.F"
I scoffed at the idea of users being infected by viruses sent in zip
archives when I first heard it, I've since grown to accept that some
people will do such dangerous things; but having to enter a password
too? IMNSHO, that person should be held accountable for intentionally
bringing about whatever damage the thing may cause. If this was
done in my business setting, and I had any say in the matter where
such an action caused significant damage to our company assets,
this person would at the least be seriously reprimanded if not
outright fired. It would be akin to taking the company car and
leaving it windows-down unlocked in a public place and having it
get stolen. Ignorance of the rules does not make you immune to them. It's
not the technology nor the SMTP protocol that needs to be changed- it's
the way that people view security that needs the upgrading. All that the
users have to remember is do not open anything unknown, and don't run
anything that comes in the mail. I don't think those are unreasonable,
hard-to-follow guidelines. My friends who are not into computers beyond
the 10 min a day it takes them to read their email know enough not to open
& execute unknown items. It's really not difficult!

