l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2004 Mar 04 00:45

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [lugod@livepenguin.com: [vox] ello! =))]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lugod@livepenguin.com: [vox] ello! =))]



I got like 5 of these before UC Davis virus filters managed to pick up the signature and squelch it. Never understimate the user.

ClamAV also managed to pick up the signature and filter 3 of them to my "probably-virus" mailbox. And before either of these checkers were squelching the virus, I saw on Symantec's website that they can detect the virus.

Virus checkers must have other strategies - remember, in the days when virus writers were actually clever, they would do all kinds of things (probably including encryption) to disguise viruses from virus software and technically oriented users. And virus checkers have to have the infrastructure to deal with this.


On 2004.03.03 20:55, Rod Roark wrote:
A couple of these have indeed come through the list.  They
seem to contain encrypted zip files, so there's no signature
for the virus checkers to recognize.

On the other hand they will require the user to be both dumb
enough and conscious enough to enter the password supplied
with the email to decrypt the payload, so it seems unlikely
we'll see much replication of these.

-- Rod

On Wednesday 03 March 2004 06:07 pm, R. Douglas Barbieri wrote:
> Has anyone else been getting this message? It contains a zip file with
> an .exe file in it...gee, do you think it's a windows virus? ;-)
>
> I just find the to and from addresses interesting...
>
> ----- Forwarded message from lugod@livepenguin.com -----
>
> To: vox@livepenguin.com
> From: lugod@livepenguin.com
> Subject: [vox] ello! =))
> Date: Wed, 03 Mar 2004 19:44:43 -0600
> X-Bogosity: No, tests=bogofilter, spamicity=0.000000, version=0.13.6.2,
algorithm=fisher
>
> Looking forward  for  a response :P
>
> pass: 36606
>
>
>
> ----- End forwarded message -----
_______________________________________________
vox mailing list
vox@lists.lugod.org

--
I usually have a GPG digital signature included as an attachment.
See http://www.gnupg.org/ for info about these digital signatures.
My key was last signed 10/14/2003. If you use GPG *please* see me about
signing the key. ***** My computer can't give you viruses by email. ***

Attachment: pgp00003.pgp
Description: PGP signature



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.