Re: Wilson and the Sir.CAM virus
[EMAIL PROTECTED] wrote: > I think it's really an issue of user knowledge - most linux users are not > going to just randomly open / execute a program just because they receive it > in their email. If you use a mailer like mutt or pine, it's pretty unlikely [snip] Even us hybrids who use both m$ and *nix with have half a brain know enough not to open executables from untrusted senders. I watched the first mail from "Wilson" come in yesterday afternoon and merely deleted it as I braced myself for the inevitable responses from all the virus scanners out there. Stuff like this happens often enough here. I hope nobody out there was naive enough to have opened the file and became infected. > Now we still haven't heard anything; does this list have an admin / > moderator? Why isn't it closed to off list subscribers and why doesn't it > reject all attachments? This is not a moderated list and I think D.B. is probably too busy solving *real* problems to pay much attention to these minor annoyances from one of the toys he's created. He probably is not even aware what's going on..
Re: Wilson and the Sir.CAM virus
On Thu, Jul 26, 2001 at 12:04:18PM -0600, Stephen Bosch wrote: > Fortunately, I'm using Linux -- but I fear it will only be a matter of > time before Linux too will be the victim of worm attacks like this. Sorry to continue this somewhat off topic thread I think it's really an issue of user knowledge - most linux users are not going to just randomly open / execute a program just because they receive it in their email. If you use a mailer like mutt or pine, it's pretty unlikely that you're going to have any problems. If you're using a graphical program like Netscape it's still unlikely provided you turn inline attachments / javascript off. Now we still haven't heard anything; does this list have an admin / moderator? Why isn't it closed to off list subscribers and why doesn't it reject all attachments? This would stop all of the annoying problems we're having. w
Re: Wilson and the Sir.CAM virus
Alan Clegg wrote: > > The *REALLY* odd thing about this is that Sir.CAM will only send itself > out once *PER INFECTION*. That depends on what you mean by a single infection. If you mean a single machine, that's not actually true. SirCAM makes Windows registry changes so that the SirCam.exe file is executed every time an application is opened. This virus is pretty scary. Most viruses don't bother me. This one, however... Fortunately, I'm using Linux -- but I fear it will only be a matter of time before Linux too will be the victim of worm attacks like this. -Stephen-
Wilson and the Sir.CAM virus
The *REALLY* odd thing about this is that Sir.CAM will only send itself out once *PER INFECTION*. Is this guy auto-opening every virus he gets, or is this a directed attack against this list? Another interesting thing is that I'm now getting this virus sent to an e-mail address that has been out-of-use for over 2 years, and even then was only used for about three months. It never even got any SPAM! Alan -- Alan Clegg I do UNIX and Networks [EMAIL PROTECTED]I don't have any certification I have experience