Re: worms or lack thereof

["Pamela L. Gay" <pgay@FAS.HARVARD.EDU>]

Some more interesting worm/virus facts:

       - Some worms can infect you/your computer even if you
         don't check email on a computer. They take advantage of
         RPC vulnerabilities and break through a port (often 135)
         on Windows machines. All that is required is one other
         computer on the node to be infected (I caught a very
         nasty parasite from our campus wireless net and took it
         home to my home net).

       - Some viruses will look through the inbox and send
         messages to everyone in the inbox - Being in someones
         address book isn't required!

The moral? It is worthwhile to compulsively update your virus scan
software and install all Windows Updates as soon as they come out. The
better option, if your budget and software needs allow, is Mac OSX
(LINUX/UNIX  have their own hacker issues, but are less trying than
Windows).

Now, if only we could rechannel the hackers problem solving skills into
something like Physics...

Cheers,
Pamela (whose office contains a Mac, an XP box and a LINUX box)

John Denker wrote:
> Ludwik Kowalski wrote:
>
>
> > A VIRUS FROM  OUR OWN SERVER?
>
>
> No.
>
> 1)  Useful fact to remember: Viruses typically forge
> the From: address.
>
> 2)  Sending forged email is exceedingly easy.
>
> 3)  Another useful thing:  The phys-l archives are
> searchable.  No attachments appear in the archives.  So
> there is every reason to believe that the listserv
> has *not* been involved in propagating any viruses or
> worms.
>
> 4)  We can surmise with modest confidence that someone
> who is infected lists both Ludwik and phys-l in his
> address book.  The rationale here is that the address
> book is the worm's typical source of recipient-addresses
> and (forged!) sender-addresses.  But even this is a
> moving target, since worms are getting cleverer about
> how they make up addresses.