[unisog] Phishing targeting University Admissions

jef moskot jef at math.miami.edu
Thu Jun 17 04:57:26 GMT 2004


[Sorry if this is a repeat...the first attempt didn't seem to take.]

On Wed, 16 Jun 2004, Joseph Brennan wrote:
> ClamAV is of course an alternative to that software fee. ... The thing
> is, it won't stop the brand-new rapidly spreading virus.

There's usually an update within a few hours of a new threat discovery,
but it's not new threats that keep hammering our servers.  On any given
day, 5-15% of our incoming traffic is worm spew, and almost none of it is
today's special.

Stick a conservative DNSBL or two in front of that and your server load
should actually drop (even considering the extra processing ClamAV
requires).

Obviously, the users still need to be educated about the potential evils
lurking within attachments (to the extent that your user base is capable
of grasping the concept), but at least they'll only very rarely have the
option to click where they shouldn't...and they'll be a lot happier
without all the spam something like the Spamhaus BLs will keep out.

Jeffrey Moskot
System Administrator
jef at math.miami.edu



More information about the unisog mailing list