Klez probs


#1

With some concern over the previous message, specifically, someone mentioning a virus. I have noticed a rash of klez worms coming in through e-mail, but only mail that was submitted via a script on one of my pages. Has anyone else been experiencing this? It has only been very recently (a few days), and I have not changed or updated my page in nearly a month, so it was not introduced inadvertently by me. The e-mails seem to be regular e-mails, but include the klez worm attached to the message. The Klez worm is very tricky, you don’t even need to open the attachment to get infected and it will replicate very, very fast, causing many problems with .exe files. If anyone has had this problem, or can offer any suggestions, it would be most appreciated. Btw, it’s always a good idea to get/update your virus progs, or use a good online proggy like “housecall”.


#2

Since Klez pulls e-mail addresses from the web cache (at least, I think it does), it wouldn’t surprise me if infected computers sent e-mail to an address that only showed up in a “submit” script–as long as the e-mail address shows up in the HTML, Klez can pull it from the cache.

Same goes for spam e-mail harvesters, actually, and I tend to get a lot of junk from both spammers and Klez targeted at “form only” e-mail addresses.

Oh, and if you really want anti-Klez security, you could always use a Mac.
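Added example, not part of any post in this thread: a small audit a site owner could run over their own form pages to see where an address is readable in the served HTML, which is the exposure described above. The sample pages, the `recipient` field name and the `example.com` addresses are constructed for illustration.

```python
import re
from html.parser import HTMLParser

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


class ExposedAddressAudit(HTMLParser):
    """Record every e-mail address readable in a page's markup, and where."""

    def __init__(self):
        super().__init__()
        self.findings = []  # list of (location, address)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "input" and (attrs.get("type") or "").lower() == "hidden":
            # "Form only" addresses usually sit in a hidden field like this.
            for addr in EMAIL_RE.findall(attrs.get("value") or ""):
                self.findings.append((f"hidden input '{attrs.get('name')}'", addr))
        elif tag == "a" and (attrs.get("href") or "").lower().startswith("mailto:"):
            for addr in EMAIL_RE.findall(attrs["href"]):
                self.findings.append(("mailto link", addr))

    def handle_data(self, data):
        for addr in EMAIL_RE.findall(data):
            self.findings.append(("page text", addr))


def audit(html):
    parser = ExposedAddressAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample: the address is shipped to every visitor's browser cache.
PAGE_BEFORE = """<form action="/cgi-bin/mail.cgi" method="post">
<input type="hidden" name="recipient" value="orders@example.com">
<textarea name="body"></textarea></form>
<a href="mailto:webmaster@example.com">webmaster</a>"""

# Constructed sample: the page sends only a key; the script maps it to the
# real address on the server, so nothing harvestable reaches the client.
PAGE_AFTER = """<form action="/cgi-bin/mail.cgi" method="post">
<input type="hidden" name="recipient" value="orders">
<textarea name="body"></textarea></form>"""

if __name__ == "__main__":
    for location, addr in audit(PAGE_BEFORE):
        print(f"exposed in {location}: {addr}")
    print("after fix:", audit(PAGE_AFTER))
```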


#3

Thank you for your thoughts on the form/klez issue, Makosuki. It was insightful, and a good possibility.

Now, as for the Mac/PC remark… There have been many heated debates about which is better. I will admit that there are fewer viruses for Macs, but there are plusses and minuses for each system. I happen to own a Mac AND a PC. I know, I know, it’s like a redneck owning a Ford AND a Chevy, but I assure you, they both have advantages (and disadvantages). I have seen the system bomb just as often as the dreaded blue screen, and one has gotten me out of troubles that the other has gotten me into, on numerous occasions. Everyone should have both… I think this is the first step toward world peace.

Wonko The Sane


#4

Are you running OS X on the Mac? I’ve found OS X to be fairly stable. Of course you can’t really beat FreeBSD for stability. The only time I reboot my main computers at home / work are to put on a new kernel or if the power goes out. Sometimes they’re up for 70-80 days at a time or more.

Also, PC (ie x86) doesn’t necessarily mean Windows…


#5

See, I knew this would happen. Anytime someone mentions mac vs. PC, everyone has to get in a jab about which is better.

To answer you, yes, Will, I do have OS X. It is very stable, but it has a few issues too. I mentioned that I have seen as many system bombs as I have seen blue screens. Well, this doesn’t mean that I’ve seen them all this past month. I have been using computers and different operating systems since owning my first Commodore 64 (gah, I miss those days), back when I was a young lad. During all of this time I have seen puh-len-tee crashes on macs and PCs.

And yes, I realize that PC doesn’t necessarily mean Windows. However… in my case (and that was what I was discussing), it did mean Windows. I am well aware of other OSs, and that they may be more stable than Windows, but the brunt of the PC population uses Windows, and that my friend, is that. Truth be not always kind.

Please don’t take my banter as meaning that I’m not appreciative of your suggestions. I am very thankful for your opinions and comments.

Thank you for playing, here’s a copy of our home game.

Wonko The Sane


#6

[quote]See, I knew this would happen. Anytime someone mentions
mac vs. PC, everyone has to get in a jab about which is
better.

[/quote]

Yep. I was afraid it would happen too. If this is going to turn into a “Mac vs. Windows” discussion, let me know ahead of time and I’ll move it to Offtopic Discussion.

That said, this is a debate that has been going on for what seems like forever. My personal opinion is that I’d rather take a boot to the face than use Windows for any extended period of time, and that Mac OS X - albeit with numerous faults of its own, mostly in the area of user interface - is head and shoulders above what the boys in Redmond have churned out thus far.

Then again, I work in a company that lets people choose their own platform to suit their own personal preference (Yay DreamHost!), and my opinion doesn’t mean a thing to the 95% of the world that doesn’t use a Macintosh.

Still… Way back when I used to get pretty involved in Mac vs. Windows debates, until I realized they didn’t result in anything productive and kept me from playing with my Mac. :>

As for Will, he’s actually not really a Mac guy at all - he’s a BSD/Linux geek. The main benefit of OS X for him over Windows is that it’s a much nicer system for managing terminals. :>

  • Jeff @ DreamHost
  • DH Discussion Forum Admin

#7

Aw, shucks! I thought it was going to turn into a Ford vs. Chevy debate! Vroom! :)

There are other approaches, of course. You could run Virtual PC on your Mac, with Windows on that to do whatever you need Windows for, and then use the (relatively) virus-free Mac for weeding out your incoming mail.

Or, you could do what I do, and run Windows on VMWare on Linux. My only problem is that the penguins keep trying to jump off the treadmill!


#8

Here we go to the offtopic forum…

I just want to mention that despite being a complete Zealot (albeit one with a lot of cross-platform experience), I was really just trying to point out the advantages of using something other than Windows if you deal with incoming mail from a website–thanks to all these ridiculous internet-cache-scanning virii, I’m getting 5-10 virus infected messages on a good day (there have been days with over 100), and many of them look like the sort of legit attachments I get frequently.

I shudder to think of the potential of nasty infections if I ever got lax with security. As it is, if you aren’t using Windows (this all of course applies to other *NIX variants, BeOS, and anything else), it’s nice to scan through virii-spawned junk with confidence.

If only there were a relatively easy systematic way to proactively deal with Klez junk on the Dreamhost end of things, but that’s probably more trouble than it’s worth for Dreamhost. It does get annoying with auto-responders, though, since the people targeted by them aren’t the ones who sent the garbage. Grr.

(And just in case there was any risk of the flames dying down, I can’t say I’ve had a crash in MacOS X in 8 months (nor any other problems that come to mind), so I’m happy enough being single-platform, as it gets the job done. That, and the BSD subsystem is fun, particularly for things like ssh-ing into my Dreamhost account.)


#9

Even with a PC running Windows, you can drastically reduce your virus exposure potential by avoiding Microsoft software for email and Web use… I use Pegasus for email (www.pmail.com) and Mozilla for browsing (www.mozilla.org), and though my mailbox is inundated with viruses, none has a chance to infect me, and I wouldn’t have address books or web caches in the format it expects if one did.

– Dan


#10

[quote]thanks to all these ridiculous internet-cache-scanning virii

[/quote]

http://www.perl.com/language/misc/virus.html


#11

I agree. While I generally use a console based mail client (even on Windows), I used Netscape mail and other Windoze IMAP clients for a while, and never got a virus of any sort. Avoiding viruses is mainly common sense.

We run a virus scanner at the office anyway, since we have a few employees who insist on running OE and / or have no common sense (I think we’re down to about one or two OE lusers at this point).

[quote]If only there were a relatively easy systematic way to proactively deal with
Klez junk on the Dreamhost end of things, but that’s probably more
trouble than it’s worth for Dreamhost.

[/quote]

Well it wouldn’t be that difficult, but there’s some risk of rejecting legitimate mail. I will give it a thought though. For a while, we were rejecting all incoming attachments of certain types on our office mail server, which cuts down on viruses a lot.

We’re generally pretty hesitant to do anything that might block legitimate mail, even if it’s a small amount (although my resistance to this is shrinking given the number of spammers, address harvesters and viruses floating around these days).

We have considered offering a (server side) virus scanning service… The virus scanner we use at the office (RAV) has a per-domain licensing scheme, which might be somewhat difficult to implement. Even aside from this, we’d probably have to charge a premium for this service since it has the potential to be somewhat resource intensive.
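Added example, not part of any post in this thread and not DreamHost's configuration: a sketch of the "reject attachments of certain types" policy mentioned in the last post, using Python's standard `email` package. The blocked-extension list and the sample messages are assumptions constructed for illustration; the last sample shows the false-positive risk the post raises.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Assumption: extensions an office server might refuse; tune to local policy.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".pif", ".bat", ".com"}


def blocked_attachments(raw_bytes):
    """Return the attachment filenames in a raw message whose final
    extension is on the block list (the last extension decides, so a
    double extension such as 'x.txt.pif' is judged as '.pif')."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    for part in msg.walk():
        # get_filename() reads Content-Disposition and falls back to the
        # Content-Type 'name' parameter.
        name = part.get_filename()
        if not name:
            continue
        # Trailing dots/spaces would otherwise hide the real extension.
        ext = os.path.splitext(name.lower().rstrip(". "))[1]
        if ext in BLOCKED_EXTENSIONS:
            hits.append(name)
    return hits


def verdict(raw_bytes):
    """'reject' if any attachment is blocked, else 'accept'."""
    return "reject" if blocked_attachments(raw_bytes) else "accept"


def build_sample(filename):
    """Constructed test message carrying one attachment with this name."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "office@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment(b"placeholder bytes", maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    # The last one is a legitimate installer from a customer: still rejected.
    for name in ("report.pdf", "invoice.txt.pif", "Setup.EXE"):
        print(name, "->", verdict(build_sample(name)))
```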