[unisog] The danger of Klez warnings

Hall, Rand rand at merrimack.edu
Thu Sep 12 12:01:10 GMT 2002


> From: Joseph Brennan [mailto:brennan at columbia.edu]

> We have found ourselves in the position of changing users' addresses
> because of Klez virus warnings.  Not Klez-- we can identify and reject
> that-- but Klez warnings.
> 
> This will be the second one who needs a new address,
> with all the notifying to friends and associates that is involved.

Are you sure this will have a positive net effect? One that outweighs the
pain of changing addresses? It would seem highly likely that your user's
notification to "friends" will simply add the new address to the infected
person's address book.


> You all might want to check what your system does when it gets a Klez
> message.

Indeed. It should be a best practice to disable "sender notifications." Best
practice also dictates that we ensure continuously updated anti-virus is
installed on every PC we have influence over.

What are you all doing with the rejected Klez-infected messages? Why not put
together a pubic service SWAT team of cheap labor (students) to track down
and educate the infected?

Now, if we could only get the AV developers to inject a nag dialog to pop up
every five minutes that says, "Your PC is NOT protected until you configure
our auto-update feature."


--
Rand P. Hall, Director, Systems/Network
Collegis, Inc.
Merrimack College, North Andover, MA, USA
P:978-837-5000
F:978-837-5383
Rand.Hall at merrimack.edu


This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the system manager.
Please note that any views or opinions presented in this email are solely
those of the author and do not necessarily represent those of the company.
Finally, the recipient should check this email and any attachments for the
presence of viruses. The company accepts no liability for any damage caused
by any virus transmitted by this email.



More information about the unisog mailing list