| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | FTP07 |
Greg Mayman (3:800/449) wrote to Steven Horn at 16:35 on 22 Apr 2003:
GM> IMO that was a big weakness of that virus. Much better (for the
GM> virus) that the Subject line should look legitimate. Better still
GM> that it attached itself to genuine messages without giving
GM> anything away. I gather some of the Trojans are like that.
Some of the trojans are very sneaky.
GM> I'me sure they will. In fact I think my ISP has blocked a couple
GM> like that already. I noticed them because they were from a friend
GM> of my brother, and on a subject that only the two of them would
GM> have been corresponding about. Additionally, the messages were cut
GM> short and a note added by the ISP that the attachment had a
GM> suspicious filename and extension, and so had been removed.
My ZoneAlarm Pro will do that with some attachments. Then I have to find
them and decide if I want to open them.
GM> No, but my point is that they always _are_ behind.
But if the virus originates in Asia or Russia, both companies may have
their definitions updated by the time they hit North America.
GM> I have no idea whether it could or not. But think about this:
GM> F-PROT is used by a lot less people than McAfee and Norton. And
GM> there are a lot more out there that apparently have NO protection
GM> at all, if I am to believe what they have told me.
GM> So if F-PROT did protect those few who were using it, it would
GM> still leave a lot of others to be infected and to spread the virus.
People either have no anti-virus software at all or what they have is an
obsolete version with outdated definition files. I suppose it makes
computer shops happy because they get money for cleaning up the ensuing
mess.:-)
But to get back to F-PROT, while it has heuristic detection built in, that
still depends on what the program knows about existing viruses, programs
and worms so if you don't keep your F-PROT definition files up to date, you
may still be in trouble.
Take care,
Steven Horn (steven_a_horn{at}yahoo.ca)
Moderator, ALASKA_CHAT
--- timEd/386 1.10.y2k+
* Origin: Yukon Mail Only (northof60.tzo.com), Whitehorse,Canada (1:17/67)SEEN-BY: 633/267 270 @PATH: 17/67 140/1 106/2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.