Posted on 10/09/2001 1:02:58 PM PDT by Coyote
Just a notice, for your etification:
Norton Antivirus just quarantined one of my emails coming in as:
Date: 10/9/2001, Time: 12:30:14, default on G0DF801 The email attachment VALORES UNITARIOS 2.doc.pif is infected with the W32.Sircam.Worm@mm virus. The file was quarantined.
I did NOT open it so I can't say what the message was, or whom it was from. I just deleted it and the attachment. Just watch the attachments. Mosquito bites are small, but given enough, they can bleed a person to death. The same is probably true of a nation.
I'm simply not opening ANYTHING that's suspicious. That's especially true of those business emails I've been getting in droves in the past weeks from the likes of Jamal, Haroom, and Achmed, trying to either sell me something, give something away, or get me involved in something patriotic.
Well, I'm learning about this worm as I go. I upgraded Norton after 911 just in case. And I'm happy I did. SirCam looks to be a VERY bad one.
In this case, the attached file named was ALSO the SUBJECT name of the email itself, just to make that clear for anyone who might like to know.
Another thing. I have ZoneAlarm as a firewall thingy. I KEEP getting blocks from a couple addresses that are the same. CONSTANTLY. The ZA alerts have said something about it possibly being code red worm. Is that a real thing? Never heard of it.
1. Update your antivirus program regularly. At one time these updates were released monthly, then weekly, and in recent times almost on a daily basis. You are far less likely to get infected if you update, as your experience just proved.
2. Use a good firewall--either a mechanical firewall, or ZoneAlarm, or both. I use both on my computer at home, which is hooked to a cable modem. Although the mechanical firewall stopped everything from getting through for months, it failed to block a couple of attacks over the past week, which got through and reached ZoneAlarm.
3. Needless to say, don't override your virus protection in order to have a look at a suspicious message. If you think it is something from a friend that you would want to see, take note of the Subject and delete it anyway. Then ask your friend if he has done an antivirus check recently, and if he really sent this message or if maybe his machine was manipulated by a worm into sending it unbeknownst to him. If the message was kosher, your friend can send it again.
No matter which antivirus software you use, keeping your virus definitions up to date is essential. I update mine each Friday night along with backing up my files. I know a guy that updates his virus defs every day. Probably a bit severe but better safe than sorry.
I'm still on a dialup. Is a firewall still useful when connected via dialup?
Apparently real. More HERE. Apparently attacks servers running under Microsoft OS's.
It always is...
Depends on your mail program. If you show full headers, you can see where it came from...
Another thing. I have ZoneAlarm as a firewall thingy. I KEEP getting blocks from a couple addresses that are the same. CONSTANTLY. The ZA alerts have said something about it possibly being code red worm. Is that a real thing? Never heard of it.
Yes. But it won't affect you unless you are running a web-server. If you are running a flavor of NT (NT, 2000 or XP) but not a webserver, you will merely be a carrier. It will attack a lot of Cisco Routers, because they are web-enabled, but it just crashes them. Block that IP so it doesn't bother you anymore. The NIMDA worm is much more powerful. It will infect you if you merely go to a infected website using Internet Explorer. They both originated in China.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.