
Virus emails blasting my inbox

I am getting tons of emails with a virus. Just today I've got around 500 of them, and the end of the day is not near; it's only 5PM. Norton warns me the virus has been deleted and I have to click the "Finished" button every time. This is a pain in the ....

If someone knows how to get rid of them without clicking on "Finished" every time, please help me.

 

37,805 views 114 replies
Reply #51 Top
goodmorphing, no we are not all screwed...

we've yet to have one phone call about any of this and not one issue with network speed falling off or anyone unable to make use of their email at over 50 client sites.

Only apply MS updates that you read up on and choose to apply = turn off automatic updates

Active Virus monitoring and daily auto updates turned on.

Active Software Firewall and daily auto updates turned on.

Disable auto opening attachments in email program set to prompt, if it can't do it then get one that can.

Active registry scanner with daily auto updates turned on.

Active Register monitor with daily auto updates turned on.

Automatic running of scripts turned off, script filtering turned on.

Encrypted Secure Tunnel/Portal for your Internet connection. No one including your service provider needs to know what you do, buy, sell and where you go on the net it is not their business.

Drive and file transfer encryption, email encryption.

Hardware firewall with filtering enabled for Broadband AND/or Dialup is advisable also.

Put an old computer together with two NICs in it and run it as a proxy server or NAT box and gateway, then secure the hell out of it.

There is no reason other than not knowing what to do for a system or a network to be open to such stuff beyond lack of user intervention.

Does this all mean 100% secure? No... does it mean that you can go years without any problem, without a doubt yes.

You know I laughed when MS presented IPv6 as an upgrade to IPv4. With the ability to bypass NAT security built into it. Talk about 1 step forward 10 back, give it time and a new storm will hit everyone who has jumped up to IPv6 that just installs it and doesn't do any security tweaking by leaving everything as a default.

Kind of like OS's and NOS's and leaving them set as default beyond creating extremely simple passwords.

No I am not saying anything about anyone who's been hit with this crap in the least. But if someone is in the business of Networking and IT Security and they got hit I feel bad for them because it really be very likely to happen if things are setup correctly, statistically.

Common home users and business users alike shouldn't be expected to just know how to avoid this kind of thing. But IT Professionals sure as hell should and if they don't learn when something like this happens they should consider some crash courses fast and CIO's FIO's CEO's should get off the money to send them to classes. Ongoing education should be key to keeping IT Dept's level to or ahead of most issues. Also corporate subscriptions to various tech sites so they can interact with their peers and have brainstorming chats and such, or just pass information on between each other, tricks, tweaks and past knowledge.

After all, business these days IS the data on the network which includes email.

/me kicks soapbox back under the desk and slips back into wackybobo mode

anyway.. just my uneducated opinion


Powered by SkinBrowser!
[Message Edited]
Reply #52 Top
http://labrea.sourceforge.net/labrea-info.html
LaBrea: "Sticky" Honeypot and IDS
LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers connection attempts in such a way that the machine at the other end gets "stuck", sometimes for a very long time.

Supported platforms
The latest version of LaBrea has been tested on:

OpenBSD
Linux
Solaris
Windows (98/ME/2000/XP)




Reply #53 Top
SourceForge.net is the world's largest
Open Source software development website,
with the largest repository of Open Source code and applications available on the Internet. SourceForge.net provides free services to Open Source developers.


http://sourceforge.net/


Browse by Operating System:

http://sourceforge.net/softwaremap/trove_list.php?form_cat=199


[Message Edited]
Reply #54 Top
IPlural, you can take all the precautions in the world to protect your machines from the virus but, as has been pointed out countless times and seemingly ignored on every occasion, the only thing you have to have done to be affected by this thing is give your e-mail address to someone. If your e-mail address is stored on someone's machine, regardless of whether that's in an address book, e-mail, text file, cached web page, or whatever, and that machine gets infected, then you'll start receiving hundreds of 'undeliverable mail' and 'virus alert' messages from mail servers who think you're sending them the virus due to your address being spoofed.

You can be the world's best IT expert, but unless you've never sent or received an e-mail in your life you're at high risk of being affected. If you haven't been affected then I can only congratulate you on your luck. The fact that so many of us have been affected means nothing whatsoever about the security measures we may or may not have in place. It's all down to the lack of knowledge on the part of some unknown person elsewhere on the planet who happens to have encountered our e-mail addresses at some point.

Why is this so hard for people to understand? It's so frustrating to keep reading this nonsense from those who have so far managed to escape unscathed.
Reply #55 Top
Nonsense?

Look this isn't the first worm to hit the net that attacks address books, or web sites or servers. Dealing with personal systems is all anyone can do unless they happen to be in IT and in control or connected to the administration of servers. That is what I addressed above, personal computers and what one can do to protect their systems and my thoughts on the IT end of things.

As far as not being able to do anything goes. Take a look at Spamkiller, you might be surprised just how much that alone can do to keep the crap out of your box. Not stop it from being sent but killing it when it shows up.

McAfee
http://us.mcafee.com/default.asp


Get the email you want and nothing else. McAfee SpamKiller quickly and easily helps you stop spam from polluting your inbox with advanced rule-based and list based filtering.

SpamKiller is THE Leading Anti-Spam Product for Consumers and Small Businesses

Benefits

With fraudulent, inappropriate and offensive emails being delivered in vast quantities to adults, children and businesses every day, spam protection is an essential component of your PC's security strategy. Whether you want to eliminate spam as quickly and easily as possible, or crave the power to fight back, McAfee SpamKiller is for you. No other email filtering solution offers so many features, or is as easy to set up and use.


Block emails using both lists and preset filters
Update internal filters automatically
Filter MSN/Hotmail, POP3 and MAPI email
Create custom filters
Quarantine spam outside of your inbox
Import "friends" automatically into your safe list
Monitor and filter multiple email accounts
Fight back against spammers
Report spam to McAfee


Kill the crap as it hits...




[Message Edited]
Reply #56 Top


Key Features

24-hour protection provides vital Internet security for dial-up, DSL, and cable modem users.


ENHANCED! Ad blocking now stops even more banner ads, pop-up windows, pop-under windows, and other Web distractions.


LiveUpdate™ automatically downloads new security updates.**


Norton AntiVirus™ Professional Edition
NEW! Detects and blocks viruses in instant message attachments.

ENHANCED! Automatically removes viruses, worms, and Trojan horses.

Scans and cleans both incoming and outgoing email messages.

ENHANCED! Script Blocking and new Worm Blocking can detect new threats even before virus definitions are created for them.


Data recovery protects important applications and files from accidental deletion.


Norton™ Personal Firewall
Intrusion Detection automatically blocks Internet attacks.

NEW! Alert Assistant indicates the level of an Internet threat and helps you choose the best response.


NEW! Security Monitor displays the status of your Internet protection and lets you stop or resume all Internet traffic with a click of a button.


Automatic program control determines which programs can safely connect to the Internet.


Norton™ Privacy Control
ENHANCED! Prevents confidential information from being sent out without your knowledge.


Norton™ Spam Alert
NEW! Helps you keep junk mail out of your inbox by checking email coming in via popular POP3 clients such as Microsoft® Outlook® Express, Eudora®, and Netscape® Messenger.


Norton™ Productivity Control
Lets you block access to distracting newsgroups and Web sites.

Allows you to set up different Internet access privileges for each user.

Web Tools
NEW! Web Cleanup deletes unneeded files left over from Internet sessions.


NEW! Connection Keep Alive helps prevent dial-up Internet sessions from being interrupted.



** One year of Internet security updates included with purchase of Norton Internet Security 2003 Professional Edition; annual subscriptions available for subsequent online updates.



Reply #57 Top
nope not a thing you can do about it....



Reply #58 Top
I'll not post anymore in this thread, being nonsensical and all that.

nothing personal and nothing personal taken..




Reply #59 Top
IPlural: Your advice is good, but it is hard for most people to follow what you mean. Don't forget you are a power user.

Example: For the average user it is hard to decide what MS updates to install. Often technical terms are used which are incomprehensible for average users. Even for a power user it is hard to decide what to install or not. 99.9% of such updates are OK. So, what is good advice? If you are uncertain then install it? In those rare situations where things can go wrong for some users one can often find information on the net how to correct installed bad MS updates. And you can always ask friends to help you out. There is this message board too of course.
Reply #60 Top
I'll not post anymore in this thread, being nonsensical and all that.

/me is puzzled. Nah. I don't think so. Please continue.
Reply #61 Top
TechRepublic.com
http://techrepublic.com.com/5100-6264_11-5065898.html?tag=ft

Blaster, Welchia, and SobigF pose triple threat to networks
August 20, 2003 | John McCormick | E-Mail







After several months of relative calm on the virus front with only low-level threats, last week the Blaster worm assaulted many networks and wreaked havoc on a lot of PCs. This week, the Welchia worm—which is actually supposed to remove Blaster—arrived and began causing additional problems. Not only that, but a hot new version of the old Sobig mass-mailing worm has turned lethal and begun infecting many systems with its own brand of mischief.






Reply #62 Top
ah, sorry, won't do it again.. just thought some might like to read this



Reply #63 Top
Yes, we all know we should have anti-virus protection on our machines IPlural. I personally also already use a spam filtering application, but without manually configuring it to recognise the messages I spoke about above it's pretty much useless for the average user in this situation. There's also the added problem that by filtering out the 'undeliverable mail' and assorted other mails, you lose the ability to tell if your legitimate mail has reached its destination. Many spam filters also only work once mail has been downloaded to a user's machine, which is something of a problem when you have around 30Mb of mail per day generated by the Sobig virus to download on a 56k connection.

Also, what is the point of copying and pasting the marketing blurb for these products here? A simple 'try McAfee SpamKiller' or 'try Norton Internet Security' would suffice.
Reply #64 Top
grayhaze: Yeah. Having a public e-mail address can cause that. But some people do not want to give in on the virii/worms/spams. But I agree that once you have your inbox filled with it then it is hard to get rid of it. But there is nothing wrong to try to prevent it in the future. And as IPlural pointed out there are several products that can assist you in that. Too bad we need to pay for that. The ISP subscription which I have includes anti-virus and firewall software. They also offer a spam protection. That helps.
Reply #65 Top
grayhaze: I was responding to post #54. Hehe. You people even write faster than I can read.
Reply #66 Top
actually I did mention those a number of times and yet was lambasted for being less than able to conceptualize or comprehend the situation.

evidently just pointing out those programs with a short comment escaped some people's eye.

as far as it goes, in the end if all you can do is filter your email for the next couple of days until people get things cleaned up, then that is what has to happen sad to say but at the same time there are key constants about each one that is running around which you can very well filter out with a filter you create or an update that the respective programs company has created.

also you can filter out the unable to send errors and turn off return confirmations upon read in your email program.

among other things...





Reply #67 Top
MadIce, exactly so on the ISP filtering.. that is on the IT end of things though and if they fell down on this it is a personal choice to continue service with them though because of the dynamic nature of the net, it is extremely hard to play catch up on the IT end of things right in the middle of a situation such as this.



I remember when the worst thing you had to face was people sharing floppies

Your Computer is Stoned
Ambulance
Chars falling off the screen to pile up on the bottom of the screen
Displayed screen melting on you
Or the simple removal of the "C" from the ascii table on programmable keyboards...







Reply #68 Top
anyway...

hope everyone gets this under control, good luck



Reply #69 Top
Until now I have escaped e-mail virii/worms/spam, but to be secure I have just activated a spam filter and subscribed to a virus filter. Both are ISP filters. There are several options for the spam filter, but I have chosen to send it to another e-mail address (which was activated by my ISP for this purpose). They advised me to use their web-mail client or use a regular e-mail client with a virus filter. It turns out that the new virus filter can handle two POP accounts, so I added the second one to the spam account. Sounds good. Let's see what happens.
Reply #70 Top
It appears this latest email problem times out in a week or two and will ultimately cease to propagate....
Reply #71 Top
It appears this latest email problem times out in a week or two and will ultimately cease to propagate

Until the next version is released................




Reply #72 Top
This isn't a solution to the problem, but it might help. Get hold of a 'lite' email checker (I use 'Poptray') which just lists the message headers on the mail server. You can then set rules to automatically delete the appropriate ones (which all seem to have one of about ten different headers) or delete them by hand. You can then launch your email client afterwards. That way the spam messages never get to your PC.
Reply #73 Top
MailWasher does the same thing (but you can also look at the whole message still on the server before deleting it). You can set it to bring up your mail client as soon as it is done processing mail. Quite handy until you get 4,000 email a day to sort through.
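
The header-only filtering described in replies #72 and #73, as an added example that is not from any poster in this thread and is not PopTray or MailWasher code. It fetches headers plus a few body lines with POP3 `TOP`, marks rule matches for deletion on the server, and keeps any bounce that quotes a Message-ID the user really sent (the concern raised in reply #63); the subject patterns, addresses, Message-IDs and `FakePOP3` are constructed for illustration.

```python
import re
from email.parser import BytesHeaderParser

# Constructed rules: the thread names the message kinds, not exact subjects.
SUBJECT_RULES = [re.compile(p, re.I) for p in (
    r"undeliverable", r"delivery (status|failure)", r"virus (alert|found)")]
MSGID = re.compile(rb"<[^<>\s@]+@[^<>\s]+>")

def classify(top_lines, sent_ids):
    """'keep' or 'delete' for one message, from its TOP output (bytes lines)."""
    raw = b"\r\n".join(top_lines)
    subject = str(BytesHeaderParser().parsebytes(raw).get("Subject", ""))
    if not any(rule.search(subject) for rule in SUBJECT_RULES):
        return "keep"
    # A bounce quoting a Message-ID we really sent is a genuine delivery report.
    if any(mid in sent_ids for mid in MSGID.findall(raw)):
        return "keep"
    return "delete"

def purge(conn, sent_ids, body_lines=40, dry_run=True):
    """Scan a poplib.POP3-style mailbox; return the numbers judged junk."""
    doomed = []
    for entry in conn.list()[1]:
        num = int(entry.split()[0])
        if classify(conn.top(num, body_lines)[1], sent_ids) == "delete":
            doomed.append(num)
            if not dry_run:
                conn.dele(num)  # marks only; the server deletes at QUIT
    return doomed

class FakePOP3:
    """Constructed stand-in for poplib.POP3 so the example runs offline."""
    def __init__(self, msgs):
        self.msgs, self.deleted = msgs, []
    def list(self):
        return b"+OK", [b"%d %d" % (i, len(m)) for i, m in enumerate(self.msgs, 1)], 0
    def top(self, num, body_lines):  # simplification: returns the whole message
        return b"+OK", self.msgs[num - 1].split(b"\n"), 0
    def dele(self, num):
        self.deleted.append(num)

SENT_IDS = {b"<20030822.0001@home.example>"}  # constructed sent-mail log
SAMPLE = [  # constructed messages
    b"From: friend@example.org\nSubject: Lunch on Friday\n\nSee you at noon.",
    b"From: MAILER-DAEMON@mx.example.net\nSubject: Undeliverable mail\n\n"
    b"Original Message-ID: <abc123@unknown-pc.example>",
    b"From: postmaster@mx.example.com\nSubject: Delivery Status Notification\n\n"
    b"Original Message-ID: <20030822.0001@home.example>",
    b"From: scanner@gw.example.net\nSubject: Virus Alert: attachment removed\n\nBlocked.",
]

if __name__ == "__main__":
    print(purge(FakePOP3(SAMPLE), SENT_IDS))  # dry run
```

With a real mailbox, pass a logged-in `poplib.POP3` object instead of `FakePOP3` and call its `quit()` afterwards so the server commits the deletions.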
Reply #74 Top
goodmorphing, no we are not all screwed...


I meant to say that we are all screwed even if we never ever get a virus. Internet traffic is slowed, businesses are blocked all over the place. Huge numbers of man hours are expended in purging the viri, cleaning their spam loads, repairing systems. I am sure that eventually some cost from this is going to filter down to everyone. I read last night that some college campus has blocked all e-mail access through its servers while it tried to delete them. That means all the students and all the family and friends who communicate with them are affected.
Reply #75 Top
It appears this latest email problem times out in a week or two and will ultimately cease to propagate....


I read this on MSNBC this morning...

Computer security experts were racing Friday to beat a 3 p.m. ET deadline to find and disconnect 20 computers from the Internet, a defensive move aimed at preventing the Sobig.F virus from unleashing a second — and perhaps more sinister — round of havoc.

THE VIRUS, which already has tormented companies and personal computer users by becoming the fastest e-mail outbreak ever seen, contains code that instructs infected computers to download an unknown program on Friday between the hours of 3-6 p.m. ET, said Chris Belthoff, senior security analyst with the antivirus firm Sophos. He said it is unclear what that program is, or what it might do to machines infected with Sobig.F.

*****

Another Sophos official, Carole Theriault, said the program also could be as innocuous as “a smiley face (that) dances across your screen.” But even if that’s the case, the sheer volume of Internet data converging on the 20 computer targets could significantly affect Internet performance.
The virus’ secret programming for a second phase was discovered late Thursday, when analysts found code within Sobig.F instructing infected machines to make contact with the 20 computers during the three-hour window on Friday and again from 3-6 p.m. ET on Sunday.


[Message Edited]