RootsWeb Mailing List Archives

RootsWeb.com Mailing Lists

Home

Results for list 'tnsevier'

Sender

Subject

Content

Total: 1/1

1. [TN-Sevier] [admin] Imporant Virus Tech Tip! *Please read*
2. Michael G. McManness
3. Hi Everyone, In view of the serious outbreak of BadTrans.B, please give this post your utmost attention! Killing BadTrans.B is urgent business. Thanks for your help! I have gotten e-mail indicating that people do *not* understand this virus that has a very high penetration rate and is successful in the payload. The Bad Trans virus ran rampant through the maillist subscribers. The virus is undetectable in some instances because it is embedded in HTML. According to virus experts, more devious ways of hiding the virus in email messages will take place in the future. Please take a few minutes to educate yourself, you *will* be glad you did. Beware Badtrans.B http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2825280,00.html Question...... but is it really necessary to unsub a virus infected person from our maillist? After all, the virus messages aren't coming through our lists, but are being sent to individual members who probably posted to the list(s) at some time back in the past. So, isn't unsubbing them sort of a "moot" point? Hasn't the "damage" already been done? Answer...... Let me answer your basic question and add a bit of historic perspective, since after all, genealogy is a branch of history. RootsWeb servers are Unix based and can *NOT* pass the virus. It is impossible! You can *NOT* get a virus from a RootsWeb mailing list but you *CAN* get the virus from a RootsWeb mailing list *SUBSCRIBER* by posting to the mailing list. This is confusing. The subscriber's computer, in some circumstances, then takes your message from it's inbox or your e-mail address from their address book and passes the virus to you. I hope I have made this issue clearer for you. It is very confusing until you understand the ins & outs, contributing circumstances and how everything works. Unsubbing an infected subscriber has a limited use, but that use *can* be important. I do it when the infection is by a worm that replies to real messages, such as the latest bug, BadTrans.B. By unsubscribing the infected address, one at least prevents *new* messages from the list going to the infected computer, and creating even *more* infected replies. You correctly stated, replies created by BadTrans do *NOT* go *through* the list. Yet they give the appearance to the unwary that they have. In any event, unsubbing the infected computer protects people who send messages through the list from *some* off-list problems. It all depends on which virus the person is infected with. Most virii it wouldn't make any difference. However, BadTrans (both the original and the B version) send themselves out to posters on a list, if there are any infected subscribers on the list, making it appear that the virus is coming from the list or even from a board if the list is gatewayed to a board. Therefore, I strongly recommend unsubbing people who are reported as being infected with this virus and notifying them that they need to clean their machines before resubbing. Point them to some useful URLs to get updated AV software or information. The removal procedure protects subscribers computers. In my opinion, if a list admin unsubs someone for this reason, he or she takes on a certain responsibility to follow up with an offer of help (if only to point to useful sources of information). One also needs to make sure that the victim doesn't end up in Reject File forever, for a problem that has been cleaned up. Last spring, around April, Badtrans Senior was released and due to the characteristics of that particular virus's behavior it spread like wildfire through the list subscribers. Some lists reported 25% of the subscribers were infected. None of us like to unsub people but it was literally at the point on many lists that unsubbing was the only way to stop the virus from spreading to everyone. From a subscribers point of view, they would post to a list and get one or more well disguised viruses in return. Needless to say, posts to the lists were greatly reduced. And there were numerous rumors that the virus was being spread through Rootsweb (not true but appeared true to subscribers). It's probably fair to say that a few list owners unsub for just a run of the mill virus. Its probably also fair to say that Badtrans affects lists very adversely and those of us that were around last spring, have absolutely no desire to repeat that experience in any way, shape or form. * Avoiding virus infections: Viruses and other malicious software, like worms and Trojan horses, are an unfortunate fact of online life, and there's no sign that they're going away. But you can avoid becoming a victim by keeping a few safety tips in mind: - Make sure you have up-to-date anti-virus software installed on your computer. Check the Web site of your software manufacturer for any software updates. Some anti-virus programs can be configured to check for updates automatically. - Treat all email attachments with extreme caution, even if they appear to be sent from people you trust. Some worms email themselves using their victim's address book, so that even people you trust may unknowingly email infected files to you. - Keep up with virus news. Learn about the latest threats by periodically visiting sites like Symantec Security Response at http://www.symantec.com/avcenter/ * "Badtrans" worm infects computers: Experts are warning Windows users to beware of an Internet worm that can record and transmit its victims' keystrokes, potentially exposing private information like passwords and credit card numbers. http://www.cnn.com/2001/TECH/internet/11/26/badtrans.worm/ Get the technical details about the "Badtrans" worm at http://www.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.html For those who are struggling in the BadTrans virus arena, there is a FREE FIX from Symantec... the [VIRUS] W32.Badtrans.B@mm Removal Tool! Download the FixBadtr.exe file from: http://securityresponse.symantec.com/avcenter/FixBadtr.exe for more info read: http://securityresponse.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.re moval.tool.html { make sure to use the entire wrapped line } There are several free trial versions available for the removal of the "Badtrans.B" virus that are being discussed and evaluated on the Virus Discussion List (see below). So please post your virus concerns to the Virus Discussion List and get those infected computers cleaned up!! Rootsweb has a virus discussion list to help people learn about virii and how to best protect your computer. The virus discussion list will assist those that have been infected or have seen unusual issues and think they may be infected with the "Badtrans.B" virus or one of its variants. If you need help or want to ask questions regarding the virus that is driving us all crazy, please click on the link below and subscribe to this list for help. If you wish to participate, just send the word "subscribe" to one of the following e-mail addresses: VIRUS-DISCUSSION-L-request@rootsweb.com (single message mode) VIRUS-DISCUSSION-D-request@rootsweb.com (digest mode) It's quite good -- and quite busy right now. Thanks again for your help! I hope this information helps. If you have problems or further questions please let me know. Let's get back to genealogy now. :-) Thanks, Mike ************************* Michael G. McManness, a Jayhawk through and through, eating, sleeping, breathing, and bleeding Crimson and Blue near the University of Kansas. Family genealogist and research historian. "Character may be manifested in the great moments, but it is made in the small ones." --- Phillip Brooks *************************
12/04/2001 04:40:59