Re: I caught the NIMBDA Virus
In [EMAIL PROTECTED]">mid:[EMAIL PROTECTED], Victor B. Gonzalez [VBG] wrote:' VBG In actuality I have 2 AVs. pccillin Norton fully updated. I VBG manually choose to disable their running active on purpose. You'd have to do this anyway since having both doing realtime scanning could crash your system and even render it unbootable since the real time scanner startup at boot time would lead to conflicts. VBG One thing then I would need help with if someone would be so VBG kind. One, I understand The Bat! supports the AVG plugin, but VBG do I need AVG running all the time or can AVG simply launch VBG unnoticeably when I hit send to send mail out then just stop? No. You don't need AVG running all the time. The plug-in uses it as needed. VBG I would like AVG to only scan outgoing mail at all other VBG times remain inactive not scanning anything else. The plug-in is your friend then. -- -=] allie_M [=- {List Moderator} MUA: TB! v1.62 Christmas Edition ___ OS: WinXP Pro (SP1) Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
Hallo Victor, On Sun, 29 Dec 2002 00:18:41 -0500GMT (29-12-02, 6:18 +0100GMT, where I live), you wrote: VBG I would like AVG to only scan outgoing mail at all other VBG times remain inactive not scanning anything else. That's rather useless. Most viruses use their own smtp-client to deliver themselves at your outgoing smtp-server. Those that don't do that, use Outlook or OE to deliver their stuff. Therefore it won't do you any good to scan TB's outgoing mail. -- Groetjes, Roelof Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
Hello Mike, On Sun, 29 Dec 2002 04:48:14 + GMT (29/12/02, 11:48 +0700 GMT), Mike Alexander wrote: JA Could you please enlighten me as to what viruses TB! is susceptible JA to? You'll only be infected with a virus through TB! if you were JA foolish enough to launch the file without checking it first, or JA trusting the source explicitly, and still launching it. I agree. Except for Trojans of course. How can you ben infected through TB with a trojan? And as long as you keep all your mail incoming to text only. No, TB's HTML rendering engine does not allow code to run. And as long as you don't click on something sent to you by a friend. And as long as you don't click on something by accident. In both these cases, you have to either actually switch off the Warning feature in TB, or ignore the warning. so, accidents are not really possible, and TB will allow you to open the file sent to you by a friend, because TB assumes you know what you are doing when you click the warning away. I would not like TB to nanny me that far. And as long as you have AV software to make sure none of the above happens if you don't take the necessary precautions for one reason or another. There are enough people who don't run AV software for email, as long as they run TB. It is pretty difficult to start a received malware by accident from within TB. ;-) -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Important warning for aircraft pilots: Teeth that have been improperly filled cause problems with altitude or rapid decompressions. The higher pressure under the filling will cause excruciating pain and in rare instances can cause the tooth to explode. An exploding tooth would be distracting. Message reply created with The Bat! 1.62 Christmas Edition under Chinese Windows 98 4.10 Build A using an AMD Athlon K7 1.2GHz, 128MB RAM Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday, December 29, 2002, Roelof Otten wrote... VBG I would like AVG to only scan outgoing mail at all other times VBG remain inactive not scanning anything else. That's rather useless. Most viruses use their own smtp-client to deliver themselves at your outgoing smtp-server. Those that don't do that, use Outlook or OE to deliver their stuff. Therefore it won't do you any good to scan TB's outgoing mail. Depends on how you have it setup. Yes, it's rather useless if you have it as a plugin, as you said, some viruses contain their own smtp-engine. However, Norton 2002 (and maybe 2000) doesn't scan in the same way. It actually listens for connection attempts to port 25, and puts in an intermediary 'wall' to scan all the outgoing mail. IE: Before: TheBat - ISP SMTP After: TheBat - Norton - ISP SMTP So even if a virus such as klez was caught, Norton would probably catch it trying to send. - -- Jonathan Angliss ([EMAIL PROTECTED]) -BEGIN PGP SIGNATURE- Comment: Fingerprint: 676A 1701 665B E343 E393 B8D2 2B83 E814 F8FD 1F73 iQA/AwUBPg8cGCuD6BT4/R9zEQKTJgCfUSUpwHG42PRwf7Bpab9n5LeuodwAoOrw uSqCVyIqgJYbeXXAJhxIxg5U =iW/8 -END PGP SIGNATURE- Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: I caught the NIMBDA Virus
Hello Victor, Sunday, December 29, 2002, 5:18:41 AM, you wrote: VBG -BEGIN PGP SIGNED MESSAGE- VBG Hash: SHA1 VBG Hello Mike, VBG I have no Virus plug ins that work with The Bat! and no VBG Anti-Virus scanner running active. VBG In actuality I have 2 AVs. pccillin Norton fully updated. VBG I manually choose to disable their running active on VBG purpose. I like my system to run quicker faster do not VBG appreciate the lag these types of programs create. I can appreciate that, but the faster systems these days hardly even hiccup with a real-time virus scanner working away. Right now I'm running Kaspersky AVP, which is set to scan all files all of the time, as well as 3 distributed computing programs plus a host of other background stuff ( 21 icons in the system tray !! ) and not a glimmer of a stutter as I type away and send mail lol BTW - as Roelof says, having 2 AV's real time scan is not a good idea even if your system is the fastest - they fight for control !! -- Best regards, Barry2 Using The Bat! v1.61 on Windows 98 4.10 Build Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[3]: I caught the NIMBDA Virus
Hello Victor, Sunday, December 29, 2002, 5:18:41 AM, you wrote: VBG In actuality I have 2 AVs. pccillin Norton fully updated. VBG I manually choose to disable their running active on VBG purpose. I like my system to run quicker faster do not VBG appreciate the lag these types of programs create. Er, don't :) That is, don't have 2 AVs as they will tend to crash your system if you run them both at the same time, and don't turn the AV you do have off. On any modern computer the the lag will be so small you won't notice it in terms of machine use. I use Norton and I don't even notice it's there on an Athlon Thunderbird 800 machine with 1.3 Gb of RAM. A Seriously, you absolutely should have a scanner. You could be one of MA the people passing on viruses to people. VBG Even if I had executed the virus and it be one of the worst VBG viruses in existence it really wouldn't have affected me in VBG the least. How do you know? And how do you know it won't affect someone else? VBG I've built my systems to be +virus proof and I can literally VBG catch over 400 different viruses in one shot and it wouldn't VBG make a difference to my information or OS boot stability. Victor, you really need to read the literature. There is no such thing as 100% virus/worm/Trojan proof. There is only a very high degree of protection. That's because each new incursion will result in a virus/worm/Trojan which you don't know about and which executes code you may not be protected against. VBG To be honest I don't even need my currently updated AVs. Yes, you do. :) MA Not having a scanner not only means you can get infected, it also MA means you can pass it on to other people. VBG You're right! you got me there. I know not every one has VBG systems plans in place like I do to fend off viruses, VBG Trojans worms. You may fend off most, but basically, even you if a triple-cycled sheep dip machine, you can till miss something. VBG I have plans on writing a report on how to operate VBG maintain a safe and healthy OS after I finish my spam report VBG and to be honest you've made a point I really didn't stop to VBG think about. I should check out what's already on the Net before leaping into writing something. I'm not saying you don't know enough or can't help people to learn some tricks, but your attitude to new threats and to passing on nasties seems a little naive. And that's not meant in any way offensively. VBG One thing then I would need help with if someone would be VBG so kind. One, I understand The Bat! supports the AVG plugin, VBG but do I need AVG running all the time or can AVG simply VBG launch unnoticeably when I hit send to send mail out then VBG just stop? You'd be much better off with the excellent Norton engine that you already have, running all the time. -- Best regards, Mikemailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: I caught the NIMBDA Virus
Hello Jonathan, Sunday, December 29, 2002, 5:33:26 AM, you wrote: JA I was after a specific example of a virus that affects TB!, as from JA the statement, it'd appear that you think there are viruses that are JA propagated via TB!, I'm not saying there are any, but I've not seen JA any. Of course, there are methods of getting viruses from websites, JA iframe and javascript for example, but none of those are specific to JA TB! I'd like to hear of an example that specifically affects TB! and JA doesn't require that you make some kind of user interaction, because JA if user interaction is required, then again, it's not specific to JA TB, but could be included in a floppy disk, CD, website, download, JA or whatever, at which point you'd have to run it anyway. Unlikely. Most viruses/worms/trojans are not program-specific. It's only the cr*p from the script kiddies that usually is, and that's just because they're using virus engineering software they've downloaded off a site and don't know any better. JA Not that I am worried, I run Sophos on our mail servers, so I'm JA not too worried about getting infected, but I'd still like to JA know which viruses you think affect TB! Yeah, Sophos is generally good, particularly in it's corporate form, as I said. Which viruses/worms/trojans? Any that are targeted at mail generically as opposed to OL/OE specific. TB is still software like any other and anything that would target the underlying mail engine i.e. that targets pop3, smtp etc will have an effect on TB. So, a generic which distributed itself by attaching to any sent message would affect TB as much as any other mail program. At least TB has it's own address book which solves one of the current problems :) Good. Actually, people cause far more problems these days by transmission rather than by their own misfortune :) -- Best regards, Mikemailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: I caught the NIMBDA Virus
Hello Thomas, Sunday, December 29, 2002, 2:21:19 PM, you wrote: TF How can you ben infected through TB with a trojan? Through an attachment for example. Even from a trusted source. And as long as you keep all your mail incoming to text only. TF No, TB's HTML rendering engine does not allow code to run. Code doesn't have to run in TB. You can download mail from a trusted source, save it to disk and run it from there. And you may never know you have the trojan as a good trojan will not affect your machine until, for example, the time comes for your machine to be used in a DDOS attack. And as long as you don't click on something sent to you by a friend. And as long as you don't click on something by accident. TF In both these cases, you have to either actually switch off the TF Warning feature in TB, or ignore the warning. so, accidents are not TF really possible, and TB will allow you to open the file sent to you by TF a friend, because TB assumes you know what you are doing when you TF click the warning away. I would not like TB to nanny me that far. And there is a good example of a security hole. How do you know your friend isn't passing on an infection, whether it be worm/virus or trojan? And as long as you have AV software to make sure none of the above happens if you don't take the necessary precautions for one reason or another. TF There are enough people who don't run AV software for email, as long TF as they run TB. It is pretty difficult to start a received malware by TF accident from within TB. If you're not convinced by my trusted source argument: It wasn't that long ago that Microsoft distributed a CD to 2000 developers at a Developers Conference which contained a virus/worm. And it was only a couple of years before that that Novell sent out 50k copies of it's what was then it's current networking product also containing a worm. ;-) -- Best regards, Mikemailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[4]: I caught the NIMBDA Virus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello Mike, MA Sunday, December 29, 2002, 5:18:41 AM, you wrote: VBG In actuality I have 2 AVs. pccillin Norton fully updated. MA Er, don't :) That is, don't have 2 AVs as they will tend to crash MA your system if you run them both at the same time A Seriously, you absolutely should have a scanner. You could be one of MA the people passing on viruses to people. VBG Even if I had executed the virus and it be one of the worst VBG viruses in existence it really wouldn't have affected me in VBG the least. MA How do you know? And how do you know it won't affect someone else? It could take me a long time to explain and is why I am writing the report. I have measures of methods that I've been following for a long time and they have proven well. VBG I've built my systems to be +virus proof and I can literally VBG catch over 400 different viruses in one shot and it wouldn't VBG make a difference to my information or OS boot stability. MA Victor, you really need to read the literature. There is no such MA thing as 100% virus/worm/Trojan proof. The answer is in your own statement. No such thing (AV) that is 100% malware proof. Day 1 - You update your AV with day 1 signature. Day 2 - New malware on loose. Next AV update is day 4. Day 3 - Malware infects your OS, melting your ice cream. MA There is only a very high degree of protection. That's MA because each new incursion will result in a MA virus/worm/Trojan which you don't know about and which MA executes code you may not be protected against. I've read somewhere that human error is 77% responsible for system failures. Human Error Vs. Malware If that is the case then I am willing to bet (just a bet) the remaining 27% who protected against a virus but catches one fall into the 77% of human error. VBG To be honest I don't even need my currently updated AVs. MA Yes, you do. :) MA Not having a scanner not only means you can get infected, it also MA means you can pass it on to other people. I agree, I apologize. Though my smarts and methods might prove great against an attack on my OS, I only agree because I wasn't thinking about everyone else when it came to my OS. VBG You're right! you got me there. I know not every one has VBG systems plans in place like I do to fend off viruses, VBG Trojans worms. MA You may fend off most, but basically, even you if a triple-cycled MA sheep dip machine, you can till miss something. what? VBG I have plans on writing a report on how to operate VBG maintain a safe and healthy OS after I finish my spam report VBG and to be honest you've made a point I really didn't stop to VBG think about. MA I should check out what's already on the Net before leaping into MA writing something. I'm not saying you don't know enough or can't help MA people to learn some tricks, but your attitude to new threats and to MA passing on nasties seems a little naive. And that's not meant in any MA way offensively. No offense taken what so ever :) A good debate is the father of a good report. I was though for the record not mentioning writing a report about AVs but a report on good system maintenance. The future report is mainly aimed at protecting yourself and not others; but what is safety with a disregard of it towards others? You're right and I am not upset. I can only thank you for your point of view on the subject. VBG One thing then I would need help with if someone would be VBG so kind. One, I understand The Bat! supports the AVG plugin, VBG but do I need AVG running all the time or can AVG simply VBG launch unnoticeably when I hit send to send mail out then VBG just stop? I do still prefer a plug-in VS. full system watch AVs. Which is the best freeware version out? I don't really like the idea of paying for another anti-virus scanner :( MA You'd be much better off with the excellent Norton engine that you MA already have, running all the time. NAV is a part of my NSW2002 Pro package and I don't have it installed. Does it have plug-in support because then maybe I'll pull it out of the box? I do have MicroTrend PC-cillin 2000 installed and it is actively updated but it fails to catch incoming outgoing virus attachments :( - -- Best regards, Victor B. Gonzalez [EMAIL PROTECTED] Using The Bat! v1.62 Christmas Edition Windows XP 5.1 Build 2600 Service Pack 1 -BEGIN PGP SIGNATURE- Comment: Request My PGP Public Keys - [EMAIL PROTECTED] iQA/AwUBPg/c/13LB35+TCg0EQLEfQCg3dtk5+3kCQYUmJAqYtDYR17Xxe0AoND9 z1ZysyRUORxbtMG1OrrWm2Ms =NOhf -END PGP SIGNATURE- Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday, December 29, 2002, Mike Alexander wrote... JA I was after a specific example of a virus that affects TB!, as from JA the statement, it'd appear that you think there are viruses that are JA propagated via TB! Unlikely. Most viruses/worms/trojans are not program-specific. It's only the cr*p from the script kiddies that usually is, and that's just because they're using virus engineering software they've downloaded off a site and don't know any better. Blah, some of the most recently ones are easily coded in delphi, and would take no more than 30mins to make. I still seem to be missing your point though, from your statement, you made it seem like there were viruses that specifically targetted TB!... but now you're saying all programs in general? A rather obvious statement, and something most people that watch the news would probably be aware of. Any that are targeted at mail generically as opposed to OL/OE specific. Which are? TB is still software like any other and anything that would target the underlying mail engine i.e. that targets pop3, smtp etc will have an effect on TB. Not really... I've not seen one that specifically uses TB!'s mail handling to do its work, and in fact have only seen ones that use Outlook (Express) to do that, or have their own custom handler to do so (see Klez again). So, a generic which distributed itself by attaching to any sent message would affect TB as much as any other mail program. Er, only if you were foolish enough to execute the attachment from a trusted point of view. If you are 100% sure of the source, and trusted it explicitly, you're bound to cause yourself problems. At least TB has it's own address book which solves one of the current problems :) Not really. The addressbook files are readable in notepad, and I can grab email addresses that way. The mail base files (.tbb) are also readable in notepad, which would also contain addresses. Just as a point on this: http:[EMAIL PROTECTED] Bugbear reads .tbb files for email addresses ;) - -- Jonathan Angliss ([EMAIL PROTECTED]) -BEGIN PGP SIGNATURE- Comment: Fingerprint: 676A 1701 665B E343 E393 B8D2 2B83 E814 F8FD 1F73 iQA/AwUBPg/fiiuD6BT4/R9zEQIAxwCggsWPoT5R3+pdu/rVxdljMwL4EPwAnjDa RxDMXa3rESkuSK6L/HjiPKDT =HwAE -END PGP SIGNATURE- Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
I caught the NIMBDA Virus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello tbudl, I have no Virus plug ins that work with The Bat! and no Anti-Virus scanner running active. I was cleaning my hard drive out and came across a message titled: l2_button_myphonebook_page Within it were two attachments Message.htm Readme.exe Knowing it'll be stupid to launch anything entitled readme.exe I decided the hell with it let me double click it and The Bat! quickly intercepted and said... This file is not allowed for opening under any circumstances... Very cool!, I downloaded it to my hard drive and said the hell with it, I'll scan it. PC-cillin said it was infected with the PE_NIMBDA.A-0 Virus. The moral of the story is if The Bat! wasn't so smart I would have been proven to be real stupid. Nice catch. I just thought I would share that with you all. BTW, 4 years on-line and this is my first catch :) Is it a sign? Wierdest thing is it was actually located on a shared drive on the network. It wasn't really on my PC to begin with but was in a shared folder that no one really touches. hmmm I will look up this virus and slap the owner. If only it we're that easy huh... Oh,well - -- Best regards, Victor B. Gonzalez [EMAIL PROTECTED] Using The Bat! v1.62 Christmas Edition Windows XP 5.1 Build 2600 Service Pack 1 -BEGIN PGP SIGNATURE- Comment: Request My PGP Public Keys - [EMAIL PROTECTED] iQA/AwUBPg37eV3LB35+TCg0EQIABACg20S93ek8R/+vpjhgiL9cB2ysUvkAoLu9 Eyzr6QrSizME1Fbrx7McrjfP =r66x -END PGP SIGNATURE- Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
Hi Victor, on Sat, 28 Dec 2002 14:29:05 -0500GMT (28.12.02, 20:29 +0100GMT here), you wrote in [EMAIL PROTECTED]">mid:[EMAIL PROTECTED] : VBG I have no Virus plug ins that work with The Bat! and no VBG Anti-Virus scanner running active. You should have at least the latter... ;-) VBG ... VBG Knowing it'll be stupid to launch anything entitled VBG readme.exe I decided the hell with it let me double click it VBG and The Bat! quickly intercepted and said... VBGThis file is not allowed for opening under any VBGcircumstances... Lucky you for not having changed TB!'s default settings. *S* VBG Very cool!, I downloaded it to my hard drive and said the VBG hell with it, I'll scan it. PC-cillin said it was infected VBG with the PE_NIMBDA.A-0 Virus. See. VBG The moral of the story is if The Bat! wasn't so smart I VBG would have been proven to be real stupid. Yes, indeed, you would have! :) VBG Nice catch. I just thought I would share that with you all. VBG BTW, 4 years on-line and this is my first catch :) VBG Is it a sign? It is certainly a sign that you should watch which files to download and execute... ;-) -- Cheers Peter It takes more than three weeks to prepare a good impromptu speech. Mark Twain Winamp currently playing: Rare Bird - Flight Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
Hello Victor, Saturday, December 28, 2002, 7:29:05 PM, you wrote: VBG Hello tbudl, VBG I have no Virus plug ins that work with The Bat! and no VBG Anti-Virus scanner running active. Yikes!! Victor, please promise me you'll never, ever email me? Thanks. Then when I get a message from you I'll know it's definitely one of the viruses you've caught. ;-) Seriously, you absolutely should have a scanner. You could be one of the people passing on viruses to people. While I realise TB isn't prone to some of the viruses out there (a good reason for having it) it is still prone to a lot of the other viruses/worms that are around. Not having a scanner not only means you can get infected, it also means you can pass it on to other people. Personally, I use Norton AntiVirus as it consistently detects more of the nasties in tests than anything else. The only other one I could recommend would be Sophos Sweep which, in it's corporate form is good also. But please, get something. -- Best regards, Mike mailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Saturday, December 28, 2002, Mike Alexander wrote... While I realise TB isn't prone to some of the viruses out there (a good reason for having it) it is still prone to a lot of the other viruses/worms that are around. Could you please enlighten me as to what viruses TB! is susceptible to? You'll only be infected with a virus through TB! if you were foolish enough to launch the file without checking it first, or trusting the source explicitly, and still launching it. Not having a scanner not only means you can get infected, it also means you can pass it on to other people. Personally, I use Norton AntiVirus as it consistently detects more of the nasties in tests than anything else. The only other one I could recommend would be Sophos Sweep which, in it's corporate form is good also. But please, get something. Not that I am worried, I run Sophos on our mail servers, so I'm not too worried about getting infected, but I'd still like to know which viruses you think affect TB! - -- Jonathan Angliss ([EMAIL PROTECTED]) -BEGIN PGP SIGNATURE- Comment: Fingerprint: 676A 1701 665B E343 E393 B8D2 2B83 E814 F8FD 1F73 iQA/AwUBPg5fbiuD6BT4/R9zEQJupQCfZsY6oAYeTKJ7AsCHEhOuzzcFPF4AoOfi R35poGsMhTxu66DKXiA5WFnx =9EbY -END PGP SIGNATURE- Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
Hello Victor, On Sat, 28 Dec 2002 14:29:05 -0500 GMT (29/12/02, 02:29 +0700 GMT), Victor B. Gonzalez wrote: Knowing it'll be stupid to launch anything entitled readme.exe I decided the hell with it let me double click it and The Bat! quickly intercepted and said... This file is not allowed for opening under any circumstances... Very cool!, Check out the settings under Options / Preferences / Warnings and see why this happened. ;-) -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Two wrongs are only the beginning. Message reply created with The Bat! 1.62 Christmas Edition under Chinese Windows 98 4.10 Build A using an AMD Athlon K7 1.2GHz, 128MB RAM Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
Actually, I tried to allow PDF's on that screen and it still prompts me :- / -Original Message- From: Thomas Fernandez [EMAIL PROTECTED] To: Victor B. Gonzalez on TBUDL [EMAIL PROTECTED] Date: Sun, 29 Dec 2002 09:59:10 +0700 Subject: Re: I caught the NIMBDA Virus Hello Victor, On Sat, 28 Dec 2002 14:29:05 -0500 GMT (29/12/02, 02:29 +0700 GMT), Victor B. Gonzalez wrote: Knowing it'll be stupid to launch anything entitled readme.exe I decided the hell with it let me double click it and The Bat! quickly intercepted and said... This file is not allowed for opening under any circumstances... Very cool!, Check out the settings under Options / Preferences / Warnings and see why this happened. ;-) -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Two wrongs are only the beginning. Message reply created with The Bat! 1.62 Christmas Edition under Chinese Windows 98 4.10 Build A using an AMD Athlon K7 1.2GHz, 128MB RAM Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
Hello Francis, On Sat, 28 Dec 2002 22:49:49 -0500 GMT (29/12/02, 10:49 +0700 GMT), Francis Mendez wrote: Actually, I tried to allow PDF's on that screen and it still prompts me :- Have you taklen *.PDF off the Disable list and put it under Enable without warning? Also, the file might have a double ending, and that may cause another warning, which you can get rid off by clearing the tickbox. -- Cheers, Thomas. Moderator der deutschen The Bat! Beginner Liste. Drink wet cement: Get Stoned. Message reply created with The Bat! 1.62 Christmas Edition under Chinese Windows 98 4.10 Build A using an AMD Athlon K7 1.2GHz, 128MB RAM Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: I caught the NIMBDA Virus
Hello Jonathan, Sunday, December 29, 2002, 2:35:22 AM, you wrote: JA Could you please enlighten me as to what viruses TB! is susceptible JA to? You'll only be infected with a virus through TB! if you were JA foolish enough to launch the file without checking it first, or JA trusting the source explicitly, and still launching it. I agree. Except for Trojans of course. And as long as you keep all your mail incoming to text only. And as long as you don't click on something sent to you by a friend. And as long as you don't click on something by accident. And as long as you have AV software to make sure none of the above happens if you don't take the necessary precautions for one reason or another. Before Windows, there was, and still is, *nix in it's various flavours. There are more viruses/worms, because of it's long history for *nix than for any other OS. And they are mostly adaptable. Now that Macs run a Unix system I expect to see far more of these around now as there is finally a user base big enough to make it worth the while of crackers to write for it. These do not rely in anyway on vulnerabilities in Windows and are often generic (i.e. cross platform). So, yes, I do agree with you providing you never make a mistake ;-) JA Not that I am worried, I run Sophos on our mail servers, so I'm not JA too worried about getting infected, but I'd still like to know which JA viruses you think affect TB! Good. Actually, people cause far more problems these days by transmission rather than by their own misfortune :) -- Best regards, Mikemailto:[EMAIL PROTECTED] Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re[2]: I caught the NIMBDA Virus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello Mike, VBG I have no Virus plug ins that work with The Bat! and no VBG Anti-Virus scanner running active. In actuality I have 2 AVs. pccillin Norton fully updated. I manually choose to disable their running active on purpose. I like my system to run quicker faster do not appreciate the lag these types of programs create. MA Yikes!! Victor, please promise me you'll never, ever email me? Thanks. MA Then when I get a message from you I'll know it's definitely one of MA the viruses you've caught. ;-) hehe, ok. But I cannot promise I'll never e-mail you :) MA Seriously, you absolutely should have a scanner. You could be one of MA the people passing on viruses to people. Even if I had executed the virus and it be one of the worst viruses in existence it really wouldn't have affected me in the least. I've built my systems to be +virus proof and I can literally catch over 400 different viruses in one shot and it wouldn't make a difference to my information or OS boot stability. To be honest I don't even need my currently updated AVs. MA Not having a scanner not only means you can get infected, it also MA means you can pass it on to other people. You're right! you got me there. I know not every one has systems plans in place like I do to fend off viruses, Trojans worms. I have plans on writing a report on how to operate maintain a safe and healthy OS after I finish my spam report and to be honest you've made a point I really didn't stop to think about. One thing then I would need help with if someone would be so kind. One, I understand The Bat! supports the AVG plugin, but do I need AVG running all the time or can AVG simply launch unnoticeably when I hit send to send mail out then just stop? I would like AVG to only scan outgoing mail at all other times remain inactive not scanning anything else. I am right now going to test sending nimbda to myself while pccillin has pop3 mail scan active :) I'll let you know ;) - -- Best regards, Victor B. Gonzalez [EMAIL PROTECTED] Using The Bat! v1.62 Christmas Edition Windows XP 5.1 Build 2600 Service Pack 1 -BEGIN PGP SIGNATURE- Comment: Request My PGP Public Keys - [EMAIL PROTECTED] iQA/AwUBPg6FoF3LB35+TCg0EQI9NgCfQlf51IPlNcQSVpbe5Lpn5YKt9mIAn13x c6BtKkaAPH+rj9t74KBsgo0U =aSEJ -END PGP SIGNATURE- Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: I caught the NIMBDA Virus
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Saturday, December 28, 2002, Mike Alexander wrote... JA Could you please enlighten me as to what viruses TB! is JA susceptible to? You'll only be infected with a virus through TB! JA if you were foolish enough to launch the file without checking it JA first, or trusting the source explicitly, and still launching it. I agree. Except for Trojans of course. I was after a specific example of a virus that affects TB!, as from the statement, it'd appear that you think there are viruses that are propagated via TB!, I'm not saying there are any, but I've not seen any. Of course, there are methods of getting viruses from websites, iframe and javascript for example, but none of those are specific to TB! I'd like to hear of an example that specifically affects TB! and doesn't require that you make some kind of user interaction, because if user interaction is required, then again, it's not specific to TB, but could be included in a floppy disk, CD, website, download, or whatever, at which point you'd have to run it anyway. JA Not that I am worried, I run Sophos on our mail servers, so I'm JA not too worried about getting infected, but I'd still like to JA know which viruses you think affect TB! Good. Actually, people cause far more problems these days by transmission rather than by their own misfortune :) Indeed, gone are the days where to spread a virus, it'd require you to grab a copy on floppy disk, and execute the program, causing infection. Of course, in most cases of infection (more specifically recently in the last year) those infected never know until somebody manages to track down the sender (see Klez), and let them know. - -- Jonathan Angliss ([EMAIL PROTECTED]) -BEGIN PGP SIGNATURE- Comment: Fingerprint: 676A 1701 665B E343 E393 B8D2 2B83 E814 F8FD 1F73 iQA/AwUBPg6JKyuD6BT4/R9zEQJX3wCgkhd8tsPefOH0DG2YLURUxjXfoAQAoIGh 7Yrzl7fSpjMlRHFCHQf/YPPN =kDEY -END PGP SIGNATURE- Current version is 1.62 | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html