The W32Sobig virus - Posted by John Behle
Posted by John Behle on August 20, 2003 at 11:49:37:
It’s a new variant of a virus that was around a while ago. It is overwhelming mail servers across the country.
Yes, it come by opening an attachment. We all should know not to open attachments from people we don’t know, but this virus is tricky. It searches through people’s computers for email addresses and then sends out viruses using those addresses as the “From” address.
So, if you get a virus from “Jim Shue”, it most likely isn’t from him, but from Harvey who had Jim’s address on his computer. So, don’t get miffed at who it says sent it, because it propably wasn’t them.
Sadly, some of the same people that “collect” email addresses from websites also seem to be somewhat braindead when it comes to protecting themselves from viruses. So, it may not necessarily be anyone that frequents this newsgroup.
Antivirus programs will protect you, but make sure they are updated regularly. I’ve been very pleased with Norton and it has protected me from every virus that has come along. Others have their favorites.
I also use a program called “Mail Washer” that is wonderful for killing spam. About 95% of the spam sent to me is deleted without me having to even look at it. The rest I can delete easily from the server. One nice thing is it also identifies most viruses, so the 50 or so copies of this latest virus sent to me in the last couple days were deleted right from the server and never came near my computer. There is also a “bounce” feature that sends spam back to the sender as un-deliverable to help get you off of lists.
The “MSBlast” worm that has had all the attention the last couple days is something different. It doesn’t arrive through email, but as a direct attack on your computer through one of the open ports. You can get a patch at Microsoft, but if you are using Zone Zlarm or another firewall, it should be defeated before it gets to you. Zone Alarm is free and everyone should have it or some ofther form of firewall software.