
[NAFEX] Repost of List Update (no HTML this time!)



Boy is my face red!  I thought I had my email program set for text 
only, but my last upgrade to Pegasus email included some HTML and 
rich text formatting features that I overlooked.

Greg
------------------------REPOST-----------------------


On 28 Apr 2002 at 20:24, DerryWalsh wrote:

> Aren't we going to have a major problem with viruses if attachments
> are allowed? I'm being swamped right now with W32/Klez.gen coming from
> another list  that allows attachments.  

Derry beat me to the punch of the emphasis for today's update: 
ATTACHMENTS!

This list forwards all attachments, good and bad. It is totally up 
to the users POSTING messages to control their temptation to add 
INTENTIONAL attachments (.doc .pdf .gif .jpeg .html files). It is up 
to the users RECEIVING messages to guard against UNINTENDED malicious 
attachments. Some might be tempted (now or in the future) to curse 
this new list for not stripping attachments, but good defense is a 
good idea whether or not you belong to lists that forward messages, 
since you probably get email from "regular" people that have the 
capability to send email attachments. Here's what I have written for 
the FAQ regarding attachments:

*****************From FAQ***************
ATTACHMENTS: Be aware that this list forwards ALL ATTACHMENTS. 
Besides the annoying (LONG) attachments, this can include malicious 
attachments like viruses, worms, and their ilk. Since many email 
programs can be configured to AUTOMATICALLY open attachments, you may 
wish to disable this option. Manually opening attachments takes your 
cooperation but achieves the same effect. Similar considerations can 
apply to MIME and HTML formatting. (The default on this list is NO 
MIME.) 
Check for security updates to your email program, and consider 
running a good anti-virus program with a CURRENT library of viral 
signatures. Most programs provide free updates of current viral data 
files. Even nice people get viruses, which frequently hijack the 
owner's email to forward themselves to the user's email address books. 
Receiving email puts you at risk for receiving viruses. Educate 
yourself and take appropriate steps to protect yourself. One source 
of good information is 
http://www.microsoft.com/security/articles/steps_default.asp
**********************End Excerpt********************

Most people starting to use a computer plug the computer in, connect 
and learn as they go. Many programs are default configured to 
automatically perform tasks (like open attachments, get HTML links, 
handle MIME in a certain way). The price for ease of use is less 
security, and virus authors have figured out how to exploit most 
program flaws. So what constitutes a good defense? (Most of this 
directed at Windows users, who carry a higher risk than Mac or UNIX, 
and focuses on email.) Start at the Microsoft site in the last line 
of the FAQ excerpt.

A general summary of a good start (links to other web sites with a 
good SUMMARY are invited): Backup, update, use smart settings, run a 
firewall and antivirus, and be suspicious.

1. BACKUP your data. Often said, infrequently done. I've found 
myself missing backups *several* times--slow learner, I guess. Most 
critical is to back up DATA files (documents, spreadsheets, 
financial, passwords, email, homepage, etc.). 
Although inconvenient, program files can always be reinstalled. 
(Alternatively, reentering transactions from the last 6 years really 
sucks! Haven't had to do that.) I prefer a read-only SCHEDULED backup 
like a CD burner. Hard drives can and do fail, and viruses can 
potentially alter any rewritable source. With a CDwriter you do have 
to insert a blank CD. I do this each week during "Nova".

2. Most viruses are transmitted via the Internet these days, so that 
is the obvious first line of defense. Make sure your email and 
browser programs are UPDATED with security patches. This is 
especially true for Outlook and MS Explorer which have proven to be 
"target rich" by virtue of a broad user base and security holes. Look 
under Help -> About to find out your current version, then go to 
www.microsoft.com and search for patches. Disable settings like 
opening attachments automatically. There are some instances where 
HTML (real links as opposed to MHTML which is safer) can also 
compromise your security. See the link below for MIME problems, 
which is exploited by Klez that Derry mentioned. I don't use Outlook, 
so I can't comment specifically. Also important is to run a good 
FIREWALL. There are several, but I like ZoneAlarm (free and Pro 
versions) at www.zonelabs.com. 

3. Run a good antivirus. Just as important is to keep the antivirus 
updated, since your program can't recognize a new virus that is not 
in its database. Most software companies offer free updates (can be 
scheduled automatically).

4. Be suspicious. Some security compromises are due to human 
factors (confidence games.) Anything unsolicited should be suspect 
(here's the free virus patch, and ignore your virus program's 
warning). Don't give out any personal information, including 
passwords, if the contact was initiated by someone other than you! 
(I'm from the credit card company. Your card has what appears to be 
some unauthorized charges. Can you confirm your SS# and date of 
birth? **Guaranteed to be bogus.**) This applies to email contact

This just scratches the surface, but is already too long and 
marginally on topic. I thought I'd post it since users of this list 
should be aware of the potential problem.

Greg Miller

Links of interest
Incorrect MIME Header Can Cause IE to Execute E-mail Attachment

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp

Even MHTML may have security weaknesses if patches not installed

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q261253
_______________________________________________
nafex mailing list
nafex@lists.ibiblio.org
Most questions can be answered here:
http://lists.ibiblio.org/mailman/listinfo/nafex
File attachments are accepted by this list; please do not send binary files, plain text ONLY!
Message archives are here:
http://lists.ibiblio.org/pipermail/nafex
To view your user options go to: 
http://lists.ibiblio.org/mailman/options/nafex/XXXX@XXXX (where XXXX@XXXX is 
YOUR email address)
NAFEX web site:   http://www.nafex.org/
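
Added example, not part of the original post or of the list's software: a Python sketch of how a recipient or list administrator could audit a message's attachments before opening them, flagging executable file names and parts whose declared MIME type disagrees with the file name (the kind of "incorrect MIME header" named in the linked bulletin title). The extension list, the mismatch heuristic, and the sample message are assumptions constructed for illustration.

```python
import os
from email import message_from_string

# Assumption: a short, non-exhaustive set of extensions Windows will execute.
RISKY_EXT = {".exe", ".scr", ".pif", ".bat", ".com", ".vbs"}

# Constructed sample message (not real mail): one body part, three attachments.
SAMPLE = """\
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="B1"

--B1
Content-Type: text/plain

See attached.
--B1
Content-Type: audio/x-wav
Content-Disposition: attachment; filename="song.exe"

AAAA
--B1
Content-Type: image/gif
Content-Disposition: attachment; filename="tree.gif"

AAAA
--B1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="update.scr"

AAAA
--B1--
"""

def audit_attachments(raw):
    """Return (filename, declared_type, verdict) for every named MIME part."""
    findings = []
    for part in message_from_string(raw).walk():
        name = part.get_filename()
        if not name:
            continue  # message body or multipart container, not an attachment
        ext = os.path.splitext(name)[1].lower()
        ctype = part.get_content_type()
        if ext in RISKY_EXT and not ctype.startswith("application/"):
            verdict = "mismatch"    # header claims media/text, name is executable
        elif ext in RISKY_EXT:
            verdict = "executable"  # honestly labelled, still not safe to open
        else:
            verdict = "ok"
        findings.append((name, ctype, verdict))
    return findings

if __name__ == "__main__":
    for row in audit_attachments(SAMPLE):
        print(row)
```

A verdict of "ok" only means the name and header raised no flag here; antivirus scanning and patched mail software are still needed.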