Forum Archive Index - November 2001

[Marilyn Munroe <who.c@res.co.nz>]

As in real life (email) viruses thrive in an environment where there is a 
large population of infectable hosts.

Therefore the solution lies in presenting email viruses with an environment 
which is immune to their predation.

The first step I would recommend is to eliminate the carrier, in this 
instance MS Outlook with its ability to allow code to read address books.

For those on the windows platform I suggest some alternatives. My preference 
is Netscape Communicator. While the browser may not be to everyones liking 
the email is good. I find its HTML email authoring excellent.

Will Bryant uses Eudora. I have no experience of this program but I am sure 
that it can not be as vulnerable as MS Outlook.

Another alternative is Pegasus. A Kiwi product. Some IT managers select it 
because of its LAN network friendly features.

This email is being written using Kmail on the Linux operating system. Linux 
is generally regarded as being more secure than Microsoft. If you are logged 
in as a user rather than an administrator (root) you can not modify or create 
a system file. So if you download something nasty it will not infect the 
computers operating system.

Careful scrutiny of email attachments is required. A favorite trick of 
viruses is to include attachments with interesting titles to entice you to 
open them. Attachments of types .pif or .vbs should not be opened under any 
circumstances. If an executable file (.exe)is receivied the sender should be 
queried as to whether the file was sent intentionally by the sender. 

Common Microsoft file types such as .doc (MS Word) or .xls (MS Excel) can 
contain hidden code which may run as soon as you open the file. If such code 
is malicious you are in trouble. As a courtesy to recipients of such files I 
recommend that you save MS Word documents as rich text files (.rtf) and send 
attachments in this format. MS Excel files should be sent as symbolic link 
files (.slk) These types of files can not transport code.

If you use a computer at work you and your fellow employees should refrain 
from downloading programs from the internet and installing them without 
permission from  your IT person. Hey, I Know that some IT people are socially 
challenged meglomaniacs, but cooperate with them on this one.

The use of a non de plume like Marilyn Munroe and a false email address 
like who.c@res.co.nz when posting in public forums such as Sharechat means 
that the bad people can not copy your true email address from such sites and 
send you viruses.

If you insist on using MS Outlook place an entry in your address book with 
the name of !000 and leave the email address field blank. If a virus attempts 
top access the entry to send an email, you should see an error massage saying 
that the email address can not be found. While this will not prevent the 
virus infection it will at least alert you to the problem.

I have not discussed virus checkers because I do not use them. I have found 
that if I follow precautions they are not needed.

Email viruses like their biological equivalents are always mutating, looking 
for new weaknesses to exploit. A good disaster recovery plan is essential for 
when you get hit. You back up often right?

Boop-boop-de-do Marilyn


----------------------------------------------------------------------------
To remove yourself from this list, please use the form at
http://www.sharechat.co.nz/chat/forum/