This information is to help
both home users and users which run a website.
For those of you who didn't know, there is a new virus called Sobig.f sometimes know as ( W32.Sobig.F@mm ).
After the virus infects a machine it simply plucks an e-mail address from that machines contact file to use as the 'from' address in the e-mail and uses its own SMTP engine to send messages to all e-mail addresses in the machines contact file. So if you are getting e-mail advising that you sent this virus, you don't necessarily have the virus on your computer.
A removal tool has been made availble at Symatec -
http://www.symantec.com/avcenter/ve...moval.tool.html
Because of the way the virus works it has been sending mass email and has started to crash networks around the world.
This virus is the first of a new breed of virus which will be efecting all of us.
For more information on this virus and to get an idea of the reasons behind the virus and the new next level viruses we need to protect aganst, please visit -
http://www.silicon.com/news/500013-500001/1/5719.html
For advice on virus security try the following sites,
http://securityresponse.symantec.com/
http://www.f-secure.com/virus-info/
http://www.f-secure.com/virus-info/hoax/
http://www.sophos.com/virusinfo/
http://www.sophos.com/virusinfo/hoaxes/
Security tips! Always make sure your windows are updated to the latest secruity levels. To do this you need to download the
latest critical windows updates .
To do this visit -
http://windowsupdate.microsoft.com/
For online advise from experts that may be able to point you in the right direction i would recommend visiting experts exchange.
To do this visit -
http://www.experts-exchange.com/
You may also want to install a firewall. Zonelabs offer a very popular and recommended firewall for free called
Zone Alarm .
To get zonealarm visit -
http://www.zonelabs.com/store/conte...zap_za_grid.jsp
IMPORTANT! You need a firewall which blocks outgoing ports in able to contain the sobig virus and others like it, i am not sure if the
free version of zone alarm does this.
You may also want to consider configering your email - client to stop certain file extenstions. Some of the most dangerous are listed below. Extentsions in bold are the most assioated with the sobig virus. You may also want to contact your hosts if you run a website and advise them to do this.
ade
adp
bas
bat
chm
cmd
com
cpl
eml
exe
hlp
hta
inf
ins
isp
jse*
lnk
msc
msi
msp
mst
pcd
pif
reg
scr
sct
shs
url
vbs
vbe
wsf
wsh
wsc
Depending on your use of email you must decide if you wish to do this.
I would appreciate if anyone has a walkthrough on how to configer the most popular email clients like outlook to stop certain file extenstions.
You may also wish to configer your email client
not to automatically open the email you receive .
Sobig may be able to scan the net and retreve email addresses from websites, this is also where most of the spam comes from that ends up in your inbox. Using simple javascript instead of html code when you place a email address on your website
will prevent the email-address from being retreved.
A good website that uses tools to generate the spam free/ virus free email javascript code can be found below.
http://innerpeace.org/escrambler.shtml
If anyone else has advice on security, please post in this thread.
Thanks
Linear Mode
