New Worm out. W32/Bagle.ai@MM

[JetBlack69]

Got 2 of those e-mails today. Deleted them on the spot.

 

[BuckNaked]

NM... misread the title... I have been receiving these... W32.Beagle.AC@mm

 

[Anubis]

fine here, i havent gotten any of these new ones, I :heart: routers and firewalls

 

[Jzero]

Originally posted by: Anubis
fine here, i havent gotten any of these new ones, I :heart: routers and firewalls

Routers and Firewalls don't do much for e-mail viruses...

 

[Mr N8]

Originally posted by: Jzero

Originally posted by: Anubis
fine here, i havent gotten any of these new ones, I :heart: routers and firewalls

Routers and Firewalls don't do much for e-mail viruses...

Symantec didn't do anything for this on my home machines, but my Netscreen IDP box took care of all of it at work. Another tragedy averted for the time being. :thumbsup:

 

[brtspears2]

Thought I had the upper hand here with no infections, then someone just had to walk in with their laptop, check their non-business email and infect themselves, arg.

 

[PanzerIV]

Same sh!t, different day. Don't these fools get tired of writing these? I can't wait for harsher penalites to be enacted so there are serious consequences for releasing viruses. Obviously what little that is being done isn't enough.

 

[OutHouse]

Originally posted by: MogulMonster

Originally posted by: Jzero

Originally posted by: Anubis
fine here, i havent gotten any of these new ones, I :heart: routers and firewalls

Routers and Firewalls don't do much for e-mail viruses...

Symantec didn't do anything for this on my home machines, but my Netscreen IDP box took care of all of it at work. Another tragedy averted for the time being. :thumbsup:

Hell ya, we put 4 netscreen IDP boxes in our network a few months ago. they were catching it before we even knew it was there. the phone calls i was getting was from our idiot home workers who opened the mail that didnt come from our servers.

 

[Jgtdragon]

Removal tool from Symantec.

 

[Mr.IncrediblyBored]

Originally posted by: Jzero
It's not really applicable for home users, but any company with a mail server should be using a software tool to delete common virus extensions like .scr, .pif, .exe, .com, .bat, etc, before they get to the user, regardless of if they match a virus definition. It also should kill password-protected zip files on sight.

I've been running one of these for about 2 years now (Sybari's Antigen) and it has all but silenced any virus activity (at least from e-mails).

The problem with rules based filters is they also filter out legitimate attachments as well. As somebody that does support for a multitude of customers, having to send updates to those with email filters is annoying as hell.

 

[Jzero]

Originally posted by: KnightBreed

Originally posted by: Jzero
It's not really applicable for home users, but any company with a mail server should be using a software tool to delete common virus extensions like .scr, .pif, .exe, .com, .bat, etc, before they get to the user, regardless of if they match a virus definition. It also should kill password-protected zip files on sight.

I've been running one of these for about 2 years now (Sybari's Antigen) and it has all but silenced any virus activity (at least from e-mails).

The problem with rules based filters is they also filter out legitimate attachments as well. As somebody that does support for a multitude of customers, having to send updates to those with email filters is annoying as hell.

Not sure I follow you on that one. What kind of updates are you sending?
Since the filters are rules-based, you can dodge the rules easily by renaming the files to something that doesn't match one of the rules, and it is fast and simple to retrieve files from the quarantine and pass them on to the user if necessary.

It also should be configured properly. My company sends out files to clients that could potentially be stripped. This information is sent through a separate smtp server that has no rules-based filtering.

You can also configure it to monitor only inbound mail.

 

[DnetMHZ]

I just caught a fish

Action taken on message:
The attachment Fish.scr matched file blocking settings. ScanMail took the action: Deleted.

<edit>
and a dog

Action taken on message:
The attachment Dog.cpl matched file blocking settings. ScanMail took the action: Deleted.

seen several variations of this one today.

 

[azazyel]

I have started a collection. So far I have received 10 since the 6th. I know not all are the same thing but it is getting annoying.

 

[Night201]

I've actually been getting lots of MyDoom.I varients hitting my server. I've blocked the IP address of the computers sending them to my server here at work. It's all good now.

 

[Anubis]

Originally posted by: Jzero

Originally posted by: Anubis
fine here, i havent gotten any of these new ones, I :heart: routers and firewalls

Routers and Firewalls don't do much for e-mail viruses...

spam assassin takes care of that one, i javent even seen the email, and im not stupid enough to open it

 

[jagec]

Originally posted by: azazyel
I have started a collection. So far I have received 10 since the 6th. I know not all are the same thing but it is getting annoying.

You should get a whole bunch of them and put them all in a big hard drive. Then you can distill them to make new, more powerful viruses, and sell them to Iraq!

 

[ucsdguy]

Yeah, my work has been hit by it too - at the worst time. One of our old file servers died and guess what? The Norton virus defn's were on that system. Of course, as luck would have it, someone opened an email attachment followed by a proverbial can of worms.

 

[911paramedic]

Originally posted by: Doggiedog"My boss sent it to me. I normally don't open anything executable but it was a zip file I thought had pictures of his bbq this weekend since it said pics."

OMGWTFBBQ <--First time this actually works

 

[DougK62]

So why is this a big deal? New viruses that are distributed by email come out every day and you can ignore them all by not opening strange attachments. This has been going on for years. No cause for alarm.

 

[villager]

Originally posted by: Ogg
Yes.
Also variants include dog, fish, etc...........
This isnt a joke just the latest email virus to arrive by attachment. Reported today and not patched yet. Currently attacking our mail system

I use a mac so I dont care.

 

[tranceport]

Originally posted by: Jzero

Originally posted by: spidey07

Originally posted by: Rilescat
so how does it contain its own SMTP service? I would think that would take a large attachment.

nope, simple SMTP is very simple and very small.

Yep. And viruses have been doing this for quite some time.

I still can't figure out why any corporate entity is still not using a RULE-BASED FILTER! Get with the program, IT peeps!

I don't even give these small-time viruses a second thought anymore.

I'm with ya. We haven't been affected by crappy viruses like this in years..

Groupshield for Exchange. Multiple e250 webshields for spam and viruses on smtp.