Fake Email from AS members?

Arborist Forum

Even if you have AV the klez, opiserv, majista, supnova will knock the AV right out. It will bring the best SCSI machine right to its knees. I gave you guys a $125. tip before I hope you did it.

Doug with that [email protected] will give you a head start to knowing you're getting infected.

I have posted this pic to show you how to protect your PC
 
My mouse is excreting a tad, did Glen give me a virus?

I know Brian's e-mails are clean, he told me so!
It is painful when I post though, please help!
 
Mark,

That's an impressive bit of gear in those photos.  I don't think it would be too much trouble to get up to speed on it in short order.  I'm thinking a couple hours ought to do it, but hey, it might take most of the day, so I'd better figure a whole day to be safe.  Maybe a safety factor of 2 beyond that would even be in order, but my gut feeling is still the couple hours.  Or are you talking from bare hardware?  If so the gut feeling would be two days.

Why do you ask?  Do you need a hand?  I'll be starting a new house next week but I should be available in a few months, maybe sooner if things go well.


Doug,

I was wrong after all!  I'd actually considered it was the other person but dropped your name in an attempt to appear balanced and not simply hostile toward him.

The thing with the particular virus is that even if you do put the aaa@bbb.com (or whatever) address in your address book, since the virus itself contains SMTP code which it uses to send the message directly (as a second someone else), in the case of a bogus email target resulting in a bounce, the *other* false identity (under which the email was sent) should receive the undeliverable notice. In other words, you'll still not be aware of the virus' activity. I guess what I'm indirectly saying is that unless there's something about this virus I'm not considering, I think Mark's idea will not prove as fruitful as he intends. (Mark: I'll take further info either here in the open or privately, if you care to elucidate a little. I don't have near the experience with Windows stuff as you do and I like to learn most new things).

I buttress that last assertion with this: the first email I got had mrupley@jps.net listed as the sender and rhellier@comcast.net listed for the return-path. The message was stranded on my server for several hours while the server was attempting to forward it to an unavailable host. It eventually got through, but at the four hour mark an automated warning was sent by my server to rhellier (and accepted by their service) indicating the delay in attempted delivery. (If you know rhellier, ask them if they received such an email from my server at May 18 04:39:17 EST.) So assume for the moment that the message originated on your computer. Errors in transmission get sent to rhellier and my reply of anger goes to mrupley. The only way your computer is involved after the fact is that the first legitimate mail server which handles "your" message adds a header to it indicating when and from where (your IP address) it received the transmission.

Glen
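The header check described in the post above, as an added example that is not part of the original thread: it parses a message, compares the displayed sender with the return-path, and pulls the client IP recorded by the first server that handled the message. The sample message, its addresses, host names and IPs are constructed placeholders, and `analyze` is a hypothetical helper name.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample. Addresses, hosts and IPs are placeholders (example
# domains, RFC 5737 ranges) standing in for the roles described in the post.
SAMPLE = """\
Return-Path: <bounce-target@example.net>
Received: from mx.example.org (mx.example.org [198.51.100.7])
    by mail.example.net with ESMTP; Mon, 01 Jan 2001 14:00:09 +0000
Received: from Qxzvb (dialup-42.example.com [203.0.113.42])
    by mx.example.org with SMTP; Mon, 01 Jan 2001 10:00:05 +0000
From: shown-sender@example.com
To: recipient@example.net
Subject: constructed sample

body
"""

# "from <HELO name> (<reverse DNS> [<IP>])" as written by common mail servers.
RECEIVED_FROM = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")

def analyze(raw):
    msg = message_from_string(raw)
    shown = parseaddr(msg.get("From", ""))[1].lower()
    envelope = parseaddr(msg.get("Return-Path", ""))[1].lower()
    hops = []
    for value in msg.get_all("Received", []):
        m = RECEIVED_FROM.search(" ".join(value.split()))  # unfold the header
        if m:
            hops.append({"helo": m.group(1), "rdns": m.group(2), "ip": m.group(3)})
    # Each server prepends its own Received line, so the last one in the list
    # is the earliest hop: the first real server and the client it saw.
    # Lines below the first server you trust can be forged by the sender.
    return {
        "shown_sender": shown,        # who the recipient thinks wrote it
        "envelope_sender": envelope,  # who gets bounces and delay warnings
        "identities_differ": bool(shown and envelope and shown != envelope),
        "origin": hops[-1] if hops else None,
        "hops": hops,
    }

if __name__ == "__main__":
    report = analyze(SAMPLE)
    print("shown sender:   ", report["shown_sender"])
    print("envelope sender:", report["envelope_sender"])
    print("differ:         ", report["identities_differ"])
    print("first-hop client:", report["origin"])
```
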
 
Glens, I think you are correct in that I am at least partially responsible for this mess. I opened an attachment from a Senior Softball member and that was the start of major problems for me. I have been two weeks with Norton trying to clean this mess. It seems the virus/worm prevents the very program that I need to run to clean it. Marky Mark Help! Mike
 
Mike,

I hadn't thought you were "to blame". The fact that your name came up is really inconsequential but for the fact that you're in the address book on an infected computer.

These virus/worms are nothing more than programs that run in the background. They rifle through an address book for identifiers to "become" and to try to infect. They also rifle through the files on the host computer for items to send as attachments and for executable files (programs) to virally infect. In carrying out their tasks they can degrade both system and network connection performance.

They may see three names in an address book, create a message to send to the first, as the second (so far as the recipient would think), and as the third (so far as the mail transport system would think). There may be (and probably are [simpler]) virus/worms that would send their payload as the real user of the computer, and in such case if you'd had a bogus address like aaa@aaa.com in your address book the failed delivery would bounce back to you and give indication something nefarious was going on. With this type of virus/worm, however, you'll never know about failed deliveries. I think the best thing to do is what I do: have some kind of running bar graph showing both incoming and outgoing data rates over the networking interface in use. There should typically be no traffic that wasn't initiated by the user, either directly or by having a program periodically fetch mail, for example, and *especially* no extended bursts of outgoing traffic (as would be evident by a virus sending a 128Kb message).

Incidentally, a.com is a reserved domain, aa.com is American Airlines, aaa.com is the American Automobile Association, aaaa.com is "Anything.com Ltd. (.ky)", etc. It might be best to use a "real" nonexistent domain rather than subject a "real" real one to such email traffic (as a matter of courtesy if nothing else).

I'm not interested at this time in going off on a tangent to explain it all, but Microsoft really pisses me off. The blame for this type of activity rests primarily at their irresponsible feet. I consider their operating systems and other software to be the largest viruses, and my systems have been free from their stuff for, well I forget how long. I think the seventh year is just about to start. I have no antivirus software other than for testing purposes (such as I did earlier in this thread) and about the worst problems I ever have is when I must stop and restart my netscape 4.8 because it's gotten too big after a couple weeks of hard use and slows down because it's swapping in and out between RAM and disk.

Microsoft wants to introduce their Palladium crap (http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html) in a misguided (perhaps "mislabeled" would be better) effort to combat this type of behavior. Don't buy into it. The only real effect it will have is the loss of control one will be able to have over their own computer.

Real life beckons me... but I want to close by saying I've not tried to prove anyone at fault or point any fingers in any way, except in an effort to help the poor folk become aware they have some junk in their teeth. I enjoy being helpful when I can, but I obviously lack the social skills necessary to be popular, so please always consider the best possible intention in what I say.

Glen
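The traffic-watching idea from the post above, as an added example that is not part of the original thread: it turns interface byte counters into a text bar graph and flags extended runs of outgoing traffic. The sample counters are constructed, and the function names, the 2000 bytes/s threshold and the three-interval minimum are assumptions to tune for a real link.

```python
# Constructed samples: (seconds, cumulative rx bytes, cumulative tx bytes),
# the kind of counters an OS keeps per interface (e.g. /proc/net/dev on Linux).
SAMPLES = [
    (0, 0, 0),
    (5, 1200, 300),
    (10, 61200, 2300),     # user-initiated mail fetch: mostly incoming
    (15, 61500, 2500),
    (20, 61900, 28700),    # start of a sustained outgoing run
    (25, 62300, 54900),
    (30, 62700, 81100),
    (35, 63100, 107300),
    (40, 63500, 133572),   # 131072 bytes sent since t=15
    (45, 63700, 133800),
]

def rates(samples):
    """Per-interval (end_time, rx_bytes_per_s, tx_bytes_per_s)."""
    out = []
    for (t0, rx0, tx0), (t1, rx1, tx1) in zip(samples, samples[1:]):
        dt = t1 - t0
        out.append((t1, (rx1 - rx0) / dt, (tx1 - tx0) / dt))
    return out

def bar_graph(samples, bytes_per_mark=500):
    """One text line per interval: '<' marks incoming, '>' marks outgoing."""
    return [f"{t:>4}s in {'<' * int(rx // bytes_per_mark):<25} "
            f"out {'>' * int(tx // bytes_per_mark)}" for t, rx, tx in rates(samples)]

def outbound_bursts(samples, tx_threshold=2000.0, min_intervals=3):
    """(start, end, bytes_sent) for each run of at least min_intervals
    consecutive intervals whose outgoing rate exceeds tx_threshold bytes/s."""
    bursts, run = [], []
    per_interval = rates(samples) + [(None, 0.0, 0.0)]  # sentinel flushes last run
    for i, (_, _, tx_rate) in enumerate(per_interval, start=1):
        if tx_rate > tx_threshold:
            run.append(i)          # interval i ends at samples[i]
            continue
        if len(run) >= min_intervals:
            first, last = samples[run[0] - 1], samples[run[-1]]
            bursts.append((first[0], last[0], last[2] - first[2]))
        run = []
    return bursts

if __name__ == "__main__":
    print("\n".join(bar_graph(SAMPLES)))
    for start, end, sent in outbound_bursts(SAMPLES):
        print(f"extended outgoing burst {start}s-{end}s: {sent} bytes")
```
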
 
Glenn this was written by a friend who works for Symantec. Not every worm works like the Klez but you know that already RIGHT. Can it help you to stop a virus? NO, but it can give you a jumpstart before the timeline triggers the payload. If you deal with viruses like I do every day then you will have a greater understanding that most users are not even aware of the virus before it's too late.

Even the most savvy user can get infected. Remember CODE RED!!!! How about the opiserv, nimda. Most people hop on the web, surf, play with Word and call it a day.

If you are running Linux that's great but it's a windoz world. Buck up and get used to it. Not everyone has the time or understanding to play with a kernel to their liking. Is the internet powered by Linux? Yes, 73%, but the users are windows. It is unfortunate that users get infected, we all can't be perfect with every move on the web.

In closing please read the info from Norton, it just can't hurt.




Messages that claim that you can prevent the spread of email worms and Trojans by adding a special "trick" entry as the first contact in your email address book appear fairly frequently. Among the "names" that they suggest that you add to your address book are:

!0000
AAAAAA

The usual claim is that this will, in one way or another, stop the threat from spreading. While these are in the strictest definition of the word, not hoaxes (although the AAAAA version, with its recommendation to "Pass this on to all your friends" is close), like hoaxes, they should be ignored and not forwarded.

The following are two versions of these email messages, followed by Symantec Security Response recommendations.

The !0000 letter:
Who among us doesn't know someone who has experienced the embarrassment of unknowingly spreading a computer virus via their email address book? It's time to STOP this from happening by TAKING CONTROL of your email program!

For those who are unaware, many computer viruses spread themselves by sending themselves to everyone in your address book. Imagine how you would feel if you were unknowingly infected with a computer virus, and worse yet, your friends, family, and business contacts were being targeted by your computer! Well, if you want to avoid this sort of thing, here's a great tip:

This tip won't prevent YOU from getting any viruses (you have to scan those attachments yourself before opening them to do that), but it will stop those viruses from latching onto your address book and sending itself out to others.

To avoid spreading computer viruses, create a contact in your email address book with the name :
!0000 with no email address in the details.

This contact will then show up as your first contact. If a virus attempts to do a "send all" on your contact list, your pc will put up an error message saying that: "The Message could not be sent. One or more recipients do not have an e-mail address. Please check your Address Book and make sure all the recipients have a valid e-mail address."

You click on OK and the offending (virus) message would not have been sent to anyone. Of course no changes have been made to your original contacts list. The offending (virus) message may then be automatically stored in your "Drafts" or "Outbox" folder. Go in there and delete the offending message. Problem is solved and virus is not spread.

The AAAAA letter:
Subj: Protect your address book

<< Some of you might already know about this but I didn't and we were infected with that worm last week.

I learned a computer trick today that's really ingenious in its simplicity. As you may know, when/if a worm virus gets into your computer it heads straight for your email address book, and sends itself to everyone in there, thus infecting all your friends and associates. This trick won't keep the virus from getting into your computer, but it will stop it from using your address book to spread further, and it will alert you to the fact that the worm has gotten into your system.

Here's what you do: first, open your address book and click on "new contact" just as you would do if you were adding a new friend to your list of email addresses. In the window where you would type your friend's first name, type in AAAAAAA. In the window below where it prompts you to enter the new email address, type in **REFERENCE REMOVED** . Then complete everything by clicking add, enter, ok, etc.

Now, here's what you've done and why it works: The "name" AAAAAAA will be placed at the top of your address book as entry #1. This will be where the worm will start in an effort to send itself to all your friends. But when it tries to send itself to AAAAAAA, it will be undeliverable because of the phony email address you entered (**REFERENCE REMOVED**). If the first attempt fails (which it will because of the phony address), the worm goes no further and your friends will not be infected.

Here's the second great advantage of this method: If an email cannot be delivered, you will be notified of this in your InBox almost immediately. Hence, if you ever get an email telling you that an email addressed to [email protected] could not be delivered, you know right away that you have the worm virus in your system. You can then take steps to get rid of it! Pretty neat, huh?

:D :p





Here's a pic of Linux power



Did Rupley get infected? Yes. Couldn't happen to a nicer guy LOL. Did he want to infect everyone else? No. He just doesn't have an understanding of a virus or a 2100 for that matter. :D :p
 