Antivirus

[Ed Greshko]

Bart Silverstrim wrote:
> Ed Greshko wrote:
>> Jonathan Dlouhy wrote:
>>> Ed, have you ever run across a virus? In fact I'd be interested to hear 
>>> if anyone has ever had a virus in Linux. I've run Linux for about 15 
>>> years and can't say I've ever had a virus. I've got a Mac with OS X and 
>>> have never had a virus with it either. Windows? Completely different 
>>> story...
>> I have never run across a virus whose target was Linux.  I have gotten 
>> emails containing virus whose targets were windows and, like I said, my 
>> anti-virus caught those and killed them.  Had I not been running an 
>> anti-virus I could have passed it on in the attachment and been part of the 
>> problem...not the solution.
> 
> Can you describe what these virus emails were that you'd have wanted to 
> forward them to someone you knew?

Sure....

I was working as an independent consultant for a large multi-national 
company based in the UK.  One of their contacts was based in Mumbai and they 
sent an Excel Spreadsheet that contained a virus.

Since I run Linux and use OpenOffice I would not have seen and would not 
have cared about their infected attachement in my environment.  Yet, 
normally I would have simply passed the attachment on  to others.

Now, since my anti-virus was able to detect and eliminate the virus I did 
not pass it on.

> All the ones I had run across were from suspicious senders, with 
> attachments that had suspect names to them (.jpg.exe?), and the text 
> with them were just generic and ill-spelled and out of character for the 
> sender, if the sender was even a (spoofed) name I knew.

One should never assume that their interactions are the same as every ones 
else's.

> The only ones even remotely legit were zip files, and then it had the 
> password in the email from people I knew weren't tech-savvy enough to 
> use Zip, let alone to zip with a password, and then it's just plain 
> stupid to send an encrypted file to someone with the password in plaintext.
> 
> I for a couple years just blocked all executable files from our mail 
> server and never had to worry about it again. The only things that could 
> come through were links to viruses (thanks MS for including your HTML 
> renderer and the ensuing vulnerabilities for IE in OE and Outlook...)
> 
> Just curious what you were seeing that you'd have passed it on if not 
> for your AV.

Have I helped you to understand?

-- 
Um, it's like, uh ... did anyone see the movie `Tron'?

		-- Homer Simpson
		   Treehouse of Horror VI