Well think of other avenues of attack, VPN, Dial-up unpatches systems being
connected to your systems by vendors, just many many ways around the fun
"firewall will protect us from everything"

Z

Edward Ziots
Network Engineer
Windows/Citrix Administrator
Lifespan Organization
MCSE,MCSA,MCP+I,M.E,CCA

[ more ]  [ reply ]

Of courseâ?¦
I was referring to my servers for starters.
All laptops in our offices are protected and firewalled as well.
Thanks for the concern though!
â?º

________________________________________
From: jfvanmeter (at) comcast (dot) net [email concealed] [mailto:jfvanmeter (at) comcast (dot) net [email concealed]]
Sent: Monday, August 15, 2005 7:52 PM

[ more ]  [ reply ]

Yep correct, but easily brought in by one "out of compliance" infected
laptop.

Mike
-----Original Message-----
From: Meni Milstein [mailto:meni (at) menimilstein (dot) com [email concealed]]
Sent: Tuesday, August 16, 2005 6:00 AM
To: 'Mike'
Cc: focus-virus (at) securityfocus (dot) com [email concealed]
Subject: RE: Virus Outbreak Attacking MS05-039

As f

[ more ]  [ reply ]

Hi List,
Yesterday one of my customers was hit hard by what appears to be a variant
of zotob.
http://securityresponse.symantec.com/avcenter/venc/data/w32.zotob.b.html

This one was very (noisy) crashing services.exe and forcing re-boots on
unpatched WIN2K machines. The boxes we've had a chance to lo

[ more ]  [ reply ]

http://www.sophos.com/virusinfo/analyses/trojmhtredirh.html

[ more ]  [ reply ]

Hi all!

We have a WinNT4 server that is running DNS for our WAN.
Lately, it seems that our users who are browsing are being redirected
elsewhere.
A preliminary check of the system using Norton AV 2003 (fully-updated, of
course) revealed no infections, but a scan with ClamAV (20050725, also
fully

[ more ]  [ reply ]

This is the header of the same message I got

Return-Path: <michelenapoli@*.it>
X-Original-To: michelenappa@*.it
Delivered-To: michelenappa@*.it
Received: from Antigua-p2Dunnmayda.net (unknown [196.28.63.41])
by smtp-in2.email.it (Email.it) with SMTP id 6821EBC007
for <michelenappa@*.it>; Fri, 22

[ more ]  [ reply ]

Is someone harvesting email addresses for Spam or a future targetted attack? You are seeing the non bounced successful guesses?

Stiennon
--------------------------
Sent from my BlackBerry Wireless Handheld

-----Original Message-----
From: Joseph (Joe) Lynn <Joe.Lynn (at) tiniusolsen.co (dot) uk [email concealed]>
To: jiggl

[ more ]  [ reply ]

Hi all,

We are receiving similar emails...

My Outlook reads the attachment as 91 bytes.

When you extract the attachment however, it shrinks to 2 bytes.
When opened in Notepad, there is no data inside.

It is very strange, as I can't see how a virus like this would spread -
even if it is a failed

[ more ]  [ reply ]

Hi all, staff where I work recieved a lot of E-Mails like these a number of years ago so I submitted a sample to our antivirus supplier. They found these to be the result of an antivirus system doing an incomplete job of removing a virus during the E-Mails transit. These may possibly be the same t

[ more ]  [ reply ]

This information is unconfirmed but it was reported that the email was
sent from computers infected with the bagel Trojan.

Below is a google cache of isc.scans.org, had to use the cache since the
diary was already updated with new content.

http://64.233.167.104/search?q=cache:CTOjLghWLKcJ:isc.sans

[ more ]  [ reply ]

Yes, we have gotten about 2 of these types of emails. The file is a named 1.txt (61 Bytes in size) and the email subject is "1". We are a company with about 35 email addresses under our domain and have received viruses through some of them in the past. This strange email has come to 2 of our acco

[ more ]  [ reply ]

I have seen many of these emails as well. No idea what the cause is. I can only think of some sort of spam bot that someone is testing??

[ more ]  [ reply ]

Hi All,

our antivurs firewalls detects very strange activities in transfered
emails..

Emails have attachement "1.txt" and subject "1". Emails come to real
mailbox and some generict mailbox to many domains (com,at,cz and much
more) hosted on our servers in USA, Europe, Czech republic, Japan, Austra

[ more ]  [ reply ]

All viruses has numerous modified versions, malicious people modify
them to avoid its extiction
(http://www.symantec.com/avcenter/reference/striker.pdf).

Symantec uses a heuristical engine
(http://www.symantec.com/press/2002/n020320.html) to find out virus
ocurrences. This process consist to co

[ more ]  [ reply ]

Hi Salim,

I'll try to explain one of the many reasons which are behind this:

xyz1_Worm pattern 111111a:
xyz2_Worm pattern 111111b:
xyz3_Worm pattern 111111c:
xyz4_Worm pattern 111111d:
xyz5_Worm pattern 111111e:

Given the above scenario, I can choose to write 5 different (specific) sign

[ more ]  [ reply ]

hi,
i want to know somenthing about generic detecion for example symantec detect
some viruses and trojans as trojan.horse or backdoor.trojan why? why don't
they detect them as a special name to know more information about them to
fix what they do and thx.

im asking this question because i got ma

[ more ]  [ reply ]

>> -----Original Message-----
>> From: Alexis Villagra - VILSOL LatinAmerica [mailto:alexis (at) vilsol (dot) com [email concealed]]
.....
>> NIMDA - the antivirus ESET NOD32 detects but it says taht it can not
>> remove.
>> win32/Agent.AYTroyan - the antivirus ESET NOD32 detects but it says taht
>> it
>> can not remove.
>> New

[ more ]  [ reply ]

Dear List,

I have the following:

NIMDA - the antivirus ESET NOD32 detects but it says taht it can not remove.
win32/Agent.AYTroyan - the antivirus ESET NOD32 detects but it says taht it
can not remove.
NewHeur_PE - the antivirus ESET NOD32 detects it in the operating memory but
it says that it can

[ more ]  [ reply ]

sends to every user on MSN list

Asks why user email is on the "staff" page

http://www.pearljamtribute.com/staff.php?YOUREMAILHERE

sends an msdos UXE (was not brave enough to run it myself) that i assume
is a trojan/worm dropper.

can somebody please track this down and take that server offline b

[ more ]  [ reply ]

[Home users and small businesses can block ALL messages with
executable attachments too. Here's how to do it with Spampal, a free
anti-spam program for Windows:

http://www.spampalforums.org/phpBB2/viewtopic.php?t=6286

...yes, a spam filter can be used to block viruses! - Stu]

http://www.thereg

[ more ]  [ reply ]

Hey everyone,

Just wanted to let you all know that the SecurityFocus website has a new
look to it in response to reader feedback and suggestions. I encourage
you to take a peek if you haven't already.

http://www.securityfocus.com

If you have any comments on the new look, please send them to
rede

[ more ]  [ reply ]