[arachne] Re: illegal attachments?
- From: Rob <robo13@xxxxxxxxxxx>
- To: arachne@xxxxxxxxxxxxx
- Date: Sun, 9 Nov 2008 18:33:48 -0600 (CST)
Arachne at FreeLists---The Arachne Fan Club!
I live in a town of just over a thousand people and I
know the people at my ISP very well. They monitor literally
thousands of virii, worms and trojans moving thru their servers
everyday. They get complaints at their help desk everyday from
people complaining about their internet service slowing down.
They then access that person's computer just to find out they've
been hacked, added to a botnet or infected. People go to websites
all the time that download malware to their computers. People
don't use their AV software because "it uses too much memory" or
they use "M$ update". The ISP offers Postini for free to anyone
who wants to sign up, but a lot of people just don't bother.
Postini grabs just darn near every malware I've had come at me.
It's really hard to protect people against themselves and it's
an ongoing battle for ISPs, they're just doing whatever they can.
When a defense is invented, malware providers WILL eventually
find a way around it, and new defenses need to be found. Malware
can hide in the HTML code or GIFs or JPEGs in an email, all you
need to do is open the email, social engineering takes care of that.
Postini gabbed an email onetime that had 'uninstall.exe' attached.
I wonder how many people opened that one?
Rob
--
I don't play a lot of fancy guitar. I don't want to play it.
The kind of guitar I want to play is mean, mean licks.
--John Lee Hooker
-----Pine Email on Slackware GNU/Linux-----
On Sun, 9 Nov 2008, L.D. Best wrote:
Arachne at FreeLists---The Arachne Fan Club!
Sorry Sam, but you pushed a button ...
Samuel W. Heywood wrote:
Arachne at FreeLists---The Arachne Fan Club!
OK, but is this really necessary? Don't most people examine batch files
to determine what they do before they run them? Also, don't most people
do a virus scan and a spyware scan of ".exe" and ".com" files before
they run them?
Yes
No
No
Are there really a lot of people out there who haven't even gotten the word
about how it is smart to practice "safe hex"?
The majority
And the majority of people out there use an e-mail client which strives to
open attachments on mssgs rec'd so as to present a pretty picture or play a
song while you read or .... etc etc & soforth
Now I know for a fact that Linux servers (at least Red Hat) can be set to
disallow SENDING of certain types of attachments. I know that because I have
one of the few ISPs with a server which considers ZBM a valid extension. <G>
But afaik MickySoft servers *cannot* be set to disallow sending certain types
of files (or allow sending of only certain types of files) ... or the ISPs
who run solely M$ have staff who don't know how to do it.
There are, however, a few plug-ins companies have learned that can protect
their networks to one degree or another. So most often you'll get "illegal"
or "virus infested" kickbacks from private rather than public servers.
Bottom line: The majority of people use 'doze; the majority of people don't
know how a computer works; the majority of people don't know what a "bat"
file is (nor that they're .cmd files in XP ); the majority of people have
their e-mail readers (even those who don't use OE) set to open attachments
automagically; the majority of people bitch about Big Brother taking away
their freedoms while also bitching about Big Brother not protecting them well
enough.
And "most" people trust M$ security and a *monthly* malware tool to keep
their computers/pda's healthy.
As a consequence, most companies and many ISPs find they must be responsible
for keeping the users' diapers changed.
l.d.
Arachne at FreeLists -- Arachne, The
Premier GPL Web Browser/Suite for DOS --
Arachne at FreeLists
-- Arachne, The Premier GPL Web Browser/Suite for DOS --
Other related posts: