[THIN] Re: RE Security Alert SOBig Worm Follow Up

  • From: george.wasgatt@xxxxxxxxxxxx
  • To: thin@xxxxxxxxxxxxx
  • Date: Tue, 14 Jan 2003 15:53:52 -0500


Why don't you just block suspect extensions ?  I block about 50 or so
different ones so even if McAfee isn't up to date yet the bad guys still get
nailed.  If I recall correctly this ones either a .PIF or a .SCR both of
which I block even before the virus scanner kicks in.

-----Original Message-----
From: Jim Kenzig http://thethin.net [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: Tuesday, January 14, 2003 3:48 PM
To: thin@xxxxxxxxxxxxx; windows2000@xxxxxxxxxxxxx
Subject: [THIN] RE Security Alert SOBig Worm Follow Up



Hi All,
Just a heads up.  I've updated my Mcaffee and already received this worm 3
times today and McAffee is not catching this one.
The attachment is remaining intact.
So tell your people to immediately delete anything that comes from
BIG@xxxxxxxx and block that address if you can at your email gateway.

Regards,
Jim Kenzig
http://thethin.net
http://worldofasp.com
http://www.osmess.com
http://Portals.US
http://www.virtualdotnet.com
http://Zoner.net

*********************************************** 
This Weeks Sponsor: WM Software
WMS Messenger for TSE
Affordable Instant Messaging for Terminal Servers
http://www.wmsoftware.com/wmsm/
************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
*********************************************** 
This Weeks Sponsor: WM Software
WMS Messenger for TSE
Affordable Instant Messaging for Terminal Servers
http://www.wmsoftware.com/wmsm/
************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm

Other related posts: