I'm using a scrubber system that cleans mail before forwarding to mail servers. This usually does the job. Even with the scrubber and recent virus scanners (updated weekly) on servers and workstations, the goner and 7 dwarfs payloads got through to internal targets.
Fortunately, I got to them before the other users and determined the threat. This prompted an all hands email warning of the issue. Unfortunately, not everyone paid attention to my email and it got loose. One can only do so much. Remember, educating users goes a very long way to keeping things secure! Danny -----Original Message----- From: Stephen Bradley [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 06, 2001 9:56 AM To: [EMAIL PROTECTED]; Cox, Danny H. Subject: RE: DHCP not working although not perfect, using procmail and sanitizer on sendmail and a cheap pc running linux certainly helps slow them down. you have to make an effort to open or run anything and hopefully your virus software will catch it at that time. works for us. steve >>> "Cox, Danny H." <[EMAIL PROTECTED]> 12/06/01 12:02PM >>> --------------------- Attention ----------------------------- A digest version of this list is now available. Send email to [EMAIL PROTECTED], with the following message: subscribe gb-users-digest your_email_address Then unsubscribe from this list. ------------------------------------------------------------- GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi Send postings to: [EMAIL PROTECTED] Access the list archives at: http://www.gnatbox.com/gb-users/ ------------------------------------------------------------- Be advised that several members are sending messages to the group that have 2 new virus attached. Goner.scr (don't remember actual sig. name), W32/Hybris.gen@MM (in sexy virgin.scr), and I have seen W32/Aliz in a "whatever.exe" file. The latest version of McAfee (released last night) will ident them. The one from 12/04 will not. Sorry for the bad news. I'm just glad it was not me that sent them! Danny H. Cox -----Original Message----- From: Paul Dawson [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 06, 2001 2:43 AM To: [EMAIL PROTECTED] Subject: DHCP not working --------------------- Attention ----------------------------- A digest version of this list is now available. Send email to [EMAIL PROTECTED], with the following message: subscribe gb-users-digest your_email_address Then unsubscribe from this list. ------------------------------------------------------------- GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi Send postings to: [EMAIL PROTECTED] Access the list archives at: http://www.gnatbox.com/gb-users/ ------------------------------------------------------------- Could this be why? These two networks are sub-netted 255.255.255.128 NAT: bActiveTunnelCreate() failed UDP [10.36.122.45/138]->[10.36.160.1/559]->[10.36.160.23/138]. -- Paul Dawson ----------------------------------------------------------------- ITX Security Specialist Tel: 266-7800 (ext 8018) Fax: 266-7932 [EMAIL PROTECTED] ----------------------------------------------------------------- "In the end everybody dies .... but some people have never lived!" "The information in this email and in any attachments is confidential and intended solely for the attention and use of the named addressee(s). This information may be subject to attorney and client or other privilege. It must not be disclosed to any person without Intekom's permission. Please note that the recipient must scan this e-mail and any attached files for viruses and the like. ITX accepts no liability of whatever nature for any loss, liability, damage or expense resulting directly or indirectly from the access of any files which are attached to this message." ---------------------------------------------- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe gb-users your_email_address in the body of the message ---------------------------------------------- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe gb-users your_email_address in the body of the message
