Re: Virus Checking for your e-mail

["Duncan Fletcher" <dfletche@gte.net>]

Viruses (or worms) are not transmitted in the e-mail itself, but in the
attachments. Yes, Outlook Express will open the e-mail in the preview pane
(although that can be shut off), but opening the e-mail does not open the
attachment. There are two exceptions. The first is the kak worm which is
because of a bug in Internet Explorer, but Microsoft had a patch out to fix
this bug long before the kak worm was created. The other is more generic and
is related to your security settings. Default settings are sufficient
prevent this: (Internet Explorer: Tools/Internet Options/Security/Internet/
should be set to Default Level. Default is medium and is sufficient. If for
some reason that has been altered using Custom Level to something lower,
then Outlook Express can be made more restrictive. Outlook
Express/Tools/Options/Security and change to Restricted - the default is
Internet and that is sufficient if the settings in Internet Explorer are set
to Default).

Anti virus checking software is useful, but it is not failsafe. A couple of
these worms progagated through the list within a week or so release leaving
folks vulnerable even with check software. Mine is way out of date. I have
opened almost every e-mail with a worm (or virus) attachment that has passed
through this (and several other lists). But I am very careful about opening
attachments and I install the security patches as they become available. I
have not been infected. Attachments from friends is the most likely to carry
a worm because the worms usually use existing entries in an address book to
propagate. The key to attachments is not who it is from, but the nature of
the attachment. Do not open a file unless you know it to be a type that is
safe (.eml, .gif, .jpg, .txt are the most common). Exactly which others are
safe depends somewhat on your software.

Attachments can be misleading if you have file extensions turned off in
windows. A file name xxx.txt.exe (which is an executable will appear as
xxx.txt. Solution: Go to Windows Explorer/tools/folder options/View and
uncheck Hide Files Extensions For Known Types.

The use of non MS e-mail reader on a Windows Platform is just as vulnerable
to worms as OE (but may not propagate it if the propagation is through a MS
Address Book). All (including Macs) are vulnerable, but it is difficult to
propagate a Mac worm/virus in world of primarily Windows computers, so there
aren't many out there. A Java worm could be written that would damage
computers regardless of operating systems.

Duncan Fletcher
dfletche@gte.net


----- Original Message -----
From: "Michael Maul" <Michael.Maul@nsc.com>
>
> 1.  If you are using the internet - you need an antivirus program on your
PC.
> In my view - if you don't - you will not be on the internet long before
you
> get something you didn't want.
> You can use any of the standard ones - Norton, Mcafee - I don't think
there
> is a lot of difference between them if used properly.
>
> 2. Used properly - means frequent updates of the data files.  In most of
these
> programs - there is an update menu item that will do it automatically if
> you are on-line.  Typically you get 1 year of updates when you purchase
the
> program - you may have to pay after that for a subscription. I update
every two
> weeks and if something new comes out on the news like Melissa - I update
> as soon as the antivirus companies have a fix.  Some antivirus companies
may
> only update once a month but you have to know when or you could be a month
> w/o a current update.
>
> 3. Used properly also means you need to check e-mail as it is
> downloaded - not just when an attached program is executed.
> If you just check on execution - then some of the recent MS Outlook virus
> may be missed.  My understanding is that some of the problems occur as
soon as
> Outlook and Outlook express load the message into your Inbox without you
even
> reading the message.
>
> If you look at the options with your antivirus program - there should be
an
> option to check e-mail as it comes in - McAfee VirusShield does this. It
may
> say check incoming files or check e-mail.
>
> If you use Microsoft Outlook or Outlook Express for your mail - you are
more at
> risk because many take advantage of capabilities in these tools. They use
your
> address book to send infected copies to everyone listed.
>
> My understanding is that if you use Netscape, Eudora, or a number of other
> mail tools - you will not be propagating the MS based ones but your system
> can still be damaged.
>
> I believe that getting the group e-mail in digest form is safer - some of
the
> digests will not include attachments but I don't guarantee it.  In
addition -
> as long as you don't open the attachments - I believe that getting your
> e-mail at an online account like hotmail, yahoo is safer because the
> mail is never on your system.  Anyone who knows more about this - I would
> appreciate comments.
>
> Bottom line is that you really do need antivirus software today and to
update
> the virus descriptions frequently. About 100 new ones appear each month.
>