"the annoying part is that as complex as you can make software, you can't fix the people who are morons, which is where the real problem lies"
No, you are wrong. To suggest a user who clicks on an attachment that is sent to them by a person who is known to them, with a "part message" that may even be relevant to the attachement is a "moron", shows that you really don't have any respect for Users.
This worm caught the majority of SysAdmins by surprise, yes in hindsight we should have stopped.scr's, but our Marketing division sends and receives them sometimes, hence it was the only exec attachement we were not blocking... sigh.....
I'm not going to defend Microsft, but I will defend the users. This worm sends emails that look VERY much like ones that a user has sent or received. It really is a well designed "social engineering" virus.
Since our users had not had a virus hit their desk for 2 years, thanks to NOD32, they were really not expecting this one!
The norm was no response at all and often the worst offenders are the BIG ISPs in that department.
Eg. Telstra have a customer that regularly hits my network with broadcasts to a certain port which is presumably a misconfigured Innoculan (anti-virus) client. Do you think Telstra would bother to reply to me or pass on my message to their customer... Not likely!
I had a similar exp with Telstra, when I discovered that 20% of our 768Kb ATM was consumed by NNTP traffic. When I logged 2MB of NNTP packets it exposed that millions of hits/day attempting to get alt.comp.virus and this was the result of Hybris infected machines.
Telstra were very apathetic and would only firewall NNTP traffic for "two weeks". As it turns out, there really isn't any defence we could use except change our C CLass(Their suggestion). I then enquired "So what will that mean for the next person to get that IP?, can you flag the IP to give the next client an idea?" That resulted in a flat negative.
Since then I have left that employer, but I do wonder why Telstra's shares are dropping when they have this perfect revenue generator, as the NNTP traffic cost us about $2K/ month!
Slashdot Mirror
"the annoying part is that as complex as you can make software, you can't fix the people who are morons, which is where the real problem lies"
.scr's, but our Marketing division sends and receives them sometimes, hence it was the only exec attachement we were not blocking ... sigh.....
No, you are wrong. To suggest a user who clicks on an attachment that is sent to them by a person who is known to them, with a "part message" that may even be relevant to the attachement is a "moron", shows that you really don't have any respect for Users.
This worm caught the majority of SysAdmins by surprise, yes in hindsight we should have stopped
1 virus in 2 years... Go NOD32!
Rgds Ben.
I'm not going to defend Microsft, but I will defend the users. This worm sends emails that look VERY much like ones that a user has sent or received. It really is a well designed "social engineering" virus.
Since our users had not had a virus hit their desk for 2 years, thanks to NOD32, they were really not expecting this one!
Cheers, Ben.
Looks like it has changed to http://www.abc.net.au/news/2002/07/item20020731071 211_1.htm
Enjoy.
The norm was no response at all and often the worst offenders are the BIG ISPs in that department. Eg. Telstra have a customer that regularly hits my network with broadcasts to a certain port which is presumably a misconfigured Innoculan (anti-virus) client. Do you think Telstra would bother to reply to me or pass on my message to their customer... Not likely!
I had a similar exp with Telstra, when I discovered that 20% of our 768Kb ATM was consumed by NNTP traffic. When I logged 2MB of NNTP packets it exposed that millions of hits/day attempting to get alt.comp.virus and this was the result of Hybris infected machines. Telstra were very apathetic and would only firewall NNTP traffic for "two weeks". As it turns out, there really isn't any defence we could use except change our C CLass(Their suggestion). I then enquired "So what will that mean for the next person to get that IP?, can you flag the IP to give the next client an idea?" That resulted in a flat negative. Since then I have left that employer, but I do wonder why Telstra's shares are dropping when they have this perfect revenue generator, as the NNTP traffic cost us about $2K/ month!