[thelist] Why aren't email viruses extinct? (was: [admin notice, please read])

Sean G. ethanol at mathlab.sunysb.edu
Wed Jun 19 19:09:00 CDT 2002 

Howdy,

Why do people still accept email with executable attachments?  Just block
all executables, scripts, batch files, and anything else that might do
something without you explicitly asking for it.

It's a proactive solution you set up once; requires 0 administration (until
a new type of program file type comes out).  An anti-virus app needs virus
definitions updated, and even then you're only reacting after the fact, when
a new virus has been identified.

Just stop accepting these files types.  If a friend wants to send you a
script or elf bowling, they can zip it or tar it or just change the file
name (if you're filtering by file extension).

If you admin an email server, and you still allow emails with .exe, .vbs, et
al attachments to get through, come on!  It takes a few minutes to set up
and then it's done and you're protected.  Seriously, you belong in the
unemployment line with ms-sql DBAs that left sa with the default password.

=)


Sean G.


<tip type="another windows annoyance">
Windows 2000 is a big step in the wrong direction in the battle between
developers and users for control of the workstation.  (Thanks for nothing,
Bill.)

Win2k Professional installs a gaggle of components by default that don't
show in the Add/Remove applet to be removed.  See KB article Q223182 "Adding
Optional Components to Add/Remove Programs Tool".  You edit an .inf file
(either before or after install), and the problem (er...feature) is fixed.


There's also the "Windows File Protection" which will automatically replace
files from a dllcache folder.  (Oh no!  The world will end if I don't have
notepad.)  See KB article Q254135 "How Windows 2000 Feature, Windows File
Protection (WFP), Prevents Replacement of Essential Files"

This crap (er...feature) can be disabled--Q222473 "Registry Settings for
Windows File Protection"--if you want to mess around in the registry AND you
happen to have a kernel debugger hooked up.

Or just delete the file from the dllcache folder before deleting or changing
the corresponding main file.
</tip>

-----Original Message-----
Any one know a good filter to get rid of them?

-ray

More information about the thelist mailing list