Return to index: [Subject] [Thread] [Date] [Author]

Virus in Digest Form

[Subject Prev][Subject Next][Thread Prev][Thread Next]
I have to agree with Paul, my fellow Canadian. I receive the list in digest
form. When I attempted to open the message, I was warned by McAfee
Virus Protection Software that the message contained the
WScript/Kak.worm virus. It gives the option to clean or delete the
message, which I promptly deleted. This has happened twice in the last
several days. 

Can the "list administrator" attempt to clean out the viruses before
release of the digest form?

Steven A. Mallett, P.Eng.
Dillon Consulting Ltd.
Halifax, Nova Scotia


From: "Structuralist" <dennis.wish(--nospam--at)gte.net>
To: <seaint(--nospam--at)seaint.org>
Subject: RE: seaint Digest for 28 Jan 2001

Paul I am not so sure I agree with you as I had subscribed to the digest
format for over six months. To activate a JavaScript it needs to be
embedded
into an HTML format or it will not be recognized and run. I did not see a
version of the JavaScript as it was stripped out of the message I
received
by the security upgrade to MS Outlook, however, I did notice that the
message was in HTML format, not ASCII.
I never received a digest List message that included HTML formatted text.
I
had received it in ASCII format with HTML coding in the message but the
HTML
did not activate as the message was sent in ASCII.

Not that I want you to send a virus, but I would be interested in having
you
send me a copy of the digest format List message which contains the
offending text so that I can see for myself if the security upgrade will
identify it (which would support your opinion that it will run while
embedded in ASCII format). By common sense, if you create JavaScript
in an
ASCII editor and your argument is correct, the Script should activate the
moment that it is completed rather than after it is saved in HTML or a
format other than ASCII.

Just curious -not meant to be argumentative, but I would like to learn if
this is actually true!

Regards
Dennis
-----Original Message-----
From: Paul Ransom [mailto:ad026(--nospam--at)hwcn.org]
Sent: Monday, January 29, 2001 8:14 PM
To: seaint(--nospam--at)seaint.org
Subject: Re: seaint Digest for 28 Jan 2001


> From: "Structuralist" <dennis.wish(--nospam--at)gte.net>

> You are doing neither yourself or the professional community with
whom you
> communicate a service be leaving the list. You can, however, protect
> yourself from viruses sent to this list by simply subscribing in digest
> format. Rather than receive the original infected message, you receive
a
> compiled message minus all attachments in digest form. This will give
you
> the information you desire from the list without the threat of a virus.

Actually, no. All of the attachments are received in the digest format
as well. Your digest reader or OLMR may not display them and, in this
case, may not respond to them if it was Java enabled.

> best thing you can do is to upgrade your equipment so as to meet a
minimum
> standard for virus protection or refrain from downloading files or
messages
> in anything other than text (ASCII) format. You should be able to
change
the
> settings on your browser or email program to receive in ASCII format
only.

Typically, attachments are encoded in an ASCII format (it's a UNIX
legacy), or in the case of the recent virus, it was simply ASCII/Java(?)
code. Many mail viewers (e.g. MS OE) will display/run such attachments
by default. One needs to turn OFF the default (or not use products, with
80% market penetration, connected to the internet).

--
Paul Ransom, P. Eng.
Civil/Structural/Project/International
Burlington, Ontario, Canada
<mailto:ad026(--nospam--at)hwcn.org> <http://www.hwcn.org/~ad026/civil.html>