Re: [newbie]: Virus talk and kmail, direct connection
On Tue, 31 Jul 2001 12:47, Judith Miner wrote: Alan wrote: just read about the SirCam virus - do I panic slowly? You don't panic at all. In order to get infected, you have to open the attachment that contains the virus. I assume you don't open attachments you weren't expecting to get and that you check ALL attachments, regardless of file type or who sent them, with at least one up-to-date antivirus program before you open them. SirCam comes with an odd e-mail message--something like hi I'd like your advice about this (I don't remember the exact wording). I've gotten messages with SirCam attachments, AnnaK, ILoveYou, and everything else that's made the news, but have never opened a single one and have never had a virus in 14 years of using computers. --Judy Miner The answer is simple: if you don't use Outlook/Outlook Express (in Windows, of course), you are 100% safe from these. So in other words, you are safe in GNU/Linux. I got three SirCam messages from the same person (I have no idea who it was) just yesterday. I was laughing my head off :-) -- Sridhar Dhanapalan. There are two major products that come from Berkeley: LSD and UNIX. We don't believe this to be a coincidence. -- Jeremy S. Anderson
Re: [newbie]: Virus talk and kmail, direct connection
Maybe I am under-paranoid or under-informed or something, but all this talk of viruses is getting to me as well. I see the time spent worrying about viruses as being better spent backing up data or playing with kids or something. People spend more time and money (not as accurate in the linux world) on viruses than they would ever spend fixing a virus problem. I've been doing this computer stuff for about 5 years now and have never had an anti-virus program or a virus. Just a thought jim Quoting alan [EMAIL PROTECTED]: Hi All All this talk of viruses is getting to me. Which virus programme do I need, if any at all. Here is my system: My machine - stand alone mdk8.0, at home, dialup isp. Using kmail with direct pop connection to isp to retreive mail and direct smtp connection, in this case to mail.metroweb.co.za to send mail. The same system is used if I use Netscape. No virus programme is used. M$Win98 on hda, mdk8.0 on hdb. # The anti virus programmes, it seems to me, are used in conjuction with fetchmail/postfix/sendmail/qmail/procmail/etc where the mail is intercepted before being received or sent. Am I right in this assumption? # If I am wrong then what is the most efficient way to set up kmail or netscape direct dial system to incorporate virus protection for my linux sys and as a secondary consideration, my M$Win98 sys I do have Win98 on my first hd that I occasionally access via linux to retrieve files or archive mdk files. Sometimes I use Win98 directly. I do not access the internet form my M$Win98 drive (at the present). # Is it possible for a Win virus to migrate to the win98 hda when accessing it using a file manager assuming that I do not directly copy an email or attachment to the Win98 hd? # If I did want to copy the contents of an email to the M$win hd would it be okay if the contents where copied to a text file and the text file copied across for use in say Corel WP8, I do not use M$ Office at all, at all! # Recently however I archived my kmail and netscape 'mail box' on the win98 hda whilst I changed the file sys over to reisersFS - could a problem arise in a case like this? Sorry for the verbosity but I sometimes think that I have all straightened up in my mind when one of the mails on the list says, /var/spool/mail/ . . . , then I know that the list is talking about something else and not a direct connection to the Internet from the mail programme. Thanks and regards Alan Smith PS just read about the SirCam virus - do I panic slowly? Ignorance is underrated
Re: [newbie]: Virus talk and kmail, direct connection
Hey--and does the one that says something about hi, i'd like your advice about this come with a file attached in *.pif format? If so, I think I got it. Maybe I have had viruses and just didn't know it. What does this virus do? jim Quoting Judith Miner [EMAIL PROTECTED]: Alan wrote: just read about the SirCam virus - do I panic slowly? You don't panic at all. In order to get infected, you have to open the attachment that contains the virus. I assume you don't open attachments you weren't expecting to get and that you check ALL attachments, regardless of file type or who sent them, with at least one up-to-date antivirus program before you open them. SirCam comes with an odd e-mail message--something like hi I'd like your advice about this (I don't remember the exact wording). I've gotten messages with SirCam attachments, AnnaK, ILoveYou, and everything else that's made the news, but have never opened a single one and have never had a virus in 14 years of using computers. --Judy Miner Ignorance is underrated
Re: [newbie]: Virus talk and kmail, direct connection
Hey--and does the one that says something about hi, i'd like your advice about this come with a file attached in *.pif format? If so, I think I got it. Maybe I have had viruses and just didn't know it. What does this virus do? jim That;s the one. You recognise it because it has 2 extensions. Like book1.xls.pif, or resume.doc.pif. (Got these several times last week). Pif is Program Information File in windows. Many new win-users don't even know about these, but that is an executable extension in winders. So you got your first virus in! Congratulations! hahaha!! The virus seems to destroy harddisk information. Not sure how and what, but it is a nasty. Paul
Re: [newbie]: Virus talk and kmail, direct connection
On Wed, 1 Aug 2001 22:49, Paul wrote: Hey--and does the one that says something about hi, i'd like your advice about this come with a file attached in *.pif format? If so, I think I got it. Maybe I have had viruses and just didn't know it. What does this virus do? jim That;s the one. You recognise it because it has 2 extensions. Like book1.xls.pif, or resume.doc.pif. (Got these several times last week). Pif is Program Information File in windows. Many new win-users don't even know about these, but that is an executable extension in winders. So you got your first virus in! Congratulations! hahaha!! The virus seems to destroy harddisk information. Not sure how and what, but it is a nasty. Paul The SirCam virus/worm selects a file at random from the victim's hard drive to send. This file can be of any format or type. Of course, if you use GNU/Linux you have nothing to be afraid of. You can just laugh as I did :-) -- Sridhar Dhanapalan. There are two major products that come from Berkeley: LSD and UNIX. We don't believe this to be a coincidence. -- Jeremy S. Anderson
Re: [newbie]: Virus talk and kmail, direct connection
James S Bear wrote: Hey--and does the one that says something about hi, i'd like your advice about this come with a file attached in *.pif format? If so, I think I got it. Maybe I have had viruses and just didn't know it. What does this virus do? See http://www.f-secure.fi/v-descs/sircam.shtml. Basically, it: -is called SirCam. -works only on Windows, and only if you use Outlook or Outlook express as your email client. -infects your computer only if you open the attachment (and you use Windows, Outlook, etc.). -installs itself on your computer, then sends copies of itself to other computers via email messages or over a LAN by looking for Windows shares. -when it sends copies of itself, it picks random files from your disk to send to others, so, it may be distributing your confidential information. -on a random basis, it may either erase the hard drive (partition) containing Windows, or fill it up with garbage. Randy Kramer
Re: [newbie]: Virus talk and kmail, direct connection
Randy Kramer wrote: James S Bear wrote: Hey--and does the one that says something about hi, i'd like your advice about this come with a file attached in *.pif format? If so, I think I got it. Maybe I have had viruses and just didn't know it. What does this virus do? See http://www.f-secure.fi/v-descs/sircam.shtml. Basically, it: -is called SirCam. -works only on Windows, and only if you use Outlook or Outlook express as your email client. -infects your computer only if you open the attachment (and you use Windows, Outlook, etc.). -installs itself on your computer, then sends copies of itself to other computers via email messages or over a LAN by looking for Windows shares. -when it sends copies of itself, it picks random files from your disk to send to others, so, it may be distributing your confidential information. -on a random basis, it may either erase the hard drive (partition) containing Windows, or fill it up with garbage. Randy Kramer Isn't it redundant to fill a Windows partition with garbage? Regards, Carroll
Re: [newbie]: Virus talk and kmail, direct connection
what did you read that (as a linux user) would make you panic? I got about six of them last week, the delete key worked great... got to see all the code and headers and stuff all had the same reply to address and Judy was correct about the hi I would like your advice, On Monday 30 July 2001 22:47, Judith Miner wrote: Alan wrote: just read about the SirCam virus - do I panic slowly? You don't panic at all. In order to get infected, you have to open the attachment that contains the virus. I assume you don't open attachments you weren't expecting to get and that you check ALL attachments, regardless of file type or who sent them, with at least one up-to-date antivirus program before you open them. SirCam comes with an odd e-mail message--something like hi I'd like your advice about this (I don't remember the exact wording). I've gotten messages with SirCam attachments, AnnaK, ILoveYou, and everything else that's made the news, but have never opened a single one and have never had a virus in 14 years of using computers. --Judy Miner
Re: [newbie]: Virus talk and kmail, direct connection
Alan wrote: just read about the SirCam virus - do I panic slowly? You don't panic at all. In order to get infected, you have to open the attachment that contains the virus. I assume you don't open attachments you weren't expecting to get and that you check ALL attachments, regardless of file type or who sent them, with at least one up-to-date antivirus program before you open them. SirCam comes with an odd e-mail message--something like hi I'd like your advice about this (I don't remember the exact wording). I've gotten messages with SirCam attachments, AnnaK, ILoveYou, and everything else that's made the news, but have never opened a single one and have never had a virus in 14 years of using computers. --Judy Miner
[newbie]: Virus talk and kmail, direct connection
Hi All All this talk of viruses is getting to me. Which virus programme do I need, if any at all. Here is my system: My machine - stand alone mdk8.0, at home, dialup isp. Using kmail with direct pop connection to isp to retreive mail and direct smtp connection, in this case to mail.metroweb.co.za to send mail. The same system is used if I use Netscape. No virus programme is used. M$Win98 on hda, mdk8.0 on hdb. # The anti virus programmes, it seems to me, are used in conjuction with fetchmail/postfix/sendmail/qmail/procmail/etc where the mail is intercepted before being received or sent. Am I right in this assumption? # If I am wrong then what is the most efficient way to set up kmail or netscape direct dial system to incorporate virus protection for my linux sys and as a secondary consideration, my M$Win98 sys I do have Win98 on my first hd that I occasionally access via linux to retrieve files or archive mdk files. Sometimes I use Win98 directly. I do not access the internet form my M$Win98 drive (at the present). # Is it possible for a Win virus to migrate to the win98 hda when accessing it using a file manager assuming that I do not directly copy an email or attachment to the Win98 hd? # If I did want to copy the contents of an email to the M$win hd would it be okay if the contents where copied to a text file and the text file copied across for use in say Corel WP8, I do not use M$ Office at all, at all! # Recently however I archived my kmail and netscape 'mail box' on the win98 hda whilst I changed the file sys over to reisersFS - could a problem arise in a case like this? Sorry for the verbosity but I sometimes think that I have all straightened up in my mind when one of the mails on the list says, /var/spool/mail/ . . . , then I know that the list is talking about something else and not a direct connection to the Internet from the mail programme. Thanks and regards Alan Smith PS just read about the SirCam virus - do I panic slowly?
Re: [newbie]: Virus talk and kmail, direct connection
It was Mon, 30 Jul 2001 20:58:00 +0200 when alan wrote: # The anti virus programmes, it seems to me, are used in conjuction with fetchmail/postfix/sendmail/qmail/procmail/etc where the mail is intercepted before being received or sent. Am I right in this assumption? Yup. # If I am wrong then what is the most efficient way to set up kmail or netscape direct dial system to incorporate virus protection for my linux sys and as a secondary consideration, my M$Win98 sys The thing is that most virus scanners for Linux will scan for Windows virae. So if you plan on moving your mail on to the windowz partition, then setting up some viral mousetrap is a good idea. The virae that you get inside the linux environment are 99.9% windows based, and these can't do a thing in Linux. I do have Win98 on my first hd that I occasionally access via linux to retrieve files or archive mdk files. Sometimes I use Win98 directly. I do not access the internet form my M$Win98 drive (at the present). # Is it possible for a Win virus to migrate to the win98 hda when accessing it using a file manager assuming that I do not directly copy an email or attachment to the Win98 hd? I doubt that very much. If you keep internet related things away from the win9x partition, that should be safe. # If I did want to copy the contents of an email to the M$win hd would it be okay if the contents where copied to a text file and the text file copied across for use in say Corel WP8, I do not use M$ Office at all, at all! That would not be a problem. Virae are programs, not text files. # Recently however I archived my kmail and netscape 'mail box' on the win98 hda whilst I changed the file sys over to reisersFS - could a problem arise in a case like this? Not really. If you just dump things there, change to Reiser, and copy things back, there is no problem. Just don't open anything suspicious (unknown senders, weird attachments that you don't expect to arrive). Delete that lot. Sorry for the verbosity but I sometimes think that I have all straightened up in my mind when one of the mails on the list says, /var/spool/mail/ . . . , then I know that the list is talking about something else and not a direct connection to the Internet from the mail programme. Thanks and regards Alan Smith PS just read about the SirCam virus - do I panic slowly? I have already received it 4 times this last week. It can't hurt a linux machine. You can also detect that virus easily: it has 2 extensions. Examples that I got in: book.xls.pif resume.doc.pif The poison is in the pif. Program Information File. Means executable. Most newbie winders users don't know that. PIFs were the major way to get things straight in Win3.x Hope this helps Paul -- Nothing can hold back a dream. http://nlpagan.net - Registered Linux User 174403 Linux Mandrake 8.0 - Sylpheed 0.5.1 ** http://www.care2.com - when you care **
RE: [newbie]: Virus talk and kmail, direct connection
you don't need to worry about windows virus's damaging your linux install, however, if you have an infected file on your linux box and you retrive that file for windows, you can infect your windows install.. if you want to protect windows clients from virus's coming through your linux gateway, I suggest you read up on amavis www.amavis.org that should answer your questions, I am in the middle of trying to set this up myself. rgds Frank -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of alan Sent: Tuesday, 31 July 2001 2:58 AM To: [newbie] Subject: [newbie]: Virus talk and kmail, direct connection Hi All All this talk of viruses is getting to me. Which virus programme do I need, if any at all. Here is my system: My machine - stand alone mdk8.0, at home, dialup isp. Using kmail with direct pop connection to isp to retreive mail and direct smtp connection, in this case to mail.metroweb.co.za to send mail. The same system is used if I use Netscape. No virus programme is used. M$Win98 on hda, mdk8.0 on hdb. # The anti virus programmes, it seems to me, are used in conjuction with fetchmail/postfix/sendmail/qmail/procmail/etc where the mail is intercepted before being received or sent. Am I right in this assumption? # If I am wrong then what is the most efficient way to set up kmail or netscape direct dial system to incorporate virus protection for my linux sys and as a secondary consideration, my M$Win98 sys I do have Win98 on my first hd that I occasionally access via linux to retrieve files or archive mdk files. Sometimes I use Win98 directly. I do not access the internet form my M$Win98 drive (at the present). # Is it possible for a Win virus to migrate to the win98 hda when accessing it using a file manager assuming that I do not directly copy an email or attachment to the Win98 hd? # If I did want to copy the contents of an email to the M$win hd would it be okay if the contents where copied to a text file and the text file copied across for use in say Corel WP8, I do not use M$ Office at all, at all! # Recently however I archived my kmail and netscape 'mail box' on the win98 hda whilst I changed the file sys over to reisersFS - could a problem arise in a case like this? Sorry for the verbosity but I sometimes think that I have all straightened up in my mind when one of the mails on the list says, /var/spool/mail/ . . . , then I know that the list is talking about something else and not a direct connection to the Internet from the mail programme. Thanks and regards Alan Smith PS just read about the SirCam virus - do I panic slowly?
