the SoBig Worm - what should I expect to see.....
- From: "Simon Weaver" <Simon.Weaver@xxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 21 Aug 2003 21:44:29 -0000
Hi everyone
I was in the process of getting a new client over to SBS2000, as they
are currently using Win2k / Exchange / Proxy 2.0
However I was called in due to the fact they "believe" they are infected
with the SoBig.f Virus.
However a complete scan of the Server / PC's and patching all machines
proved there was no trace of the virus.
However, they are getting inundated with hundreds upon hundreds of
emails that is being picked up by the AV Symantec Program and sending
the Emails out with a Quarantine Attachment.
However people are also saying they are "receiving" Emails from the
users in this LAN to external recipients with a virus attached!
I do not believe it - But is this the behaviour of this new virus.
Also, am I right in thinking if I get SBS2k / ISA up and running I can
filter out .scr / .exe / .pif files??
Any advise is welcome :-)
Simon Weaver
Technical Consultant
MCSE+Internet / MCSE Windows 2000
Integrated Solutions Corp. Ltd
http://www.iscl.net
Other related posts:
