Computer Chess Club Archives

Search

Messages

Subject: Re: OT received some faked ICD mails today with Bloodhound virus

Author: Zheng Zhixian

Date: 06:59:58 04/28/04

Go up one level in this thread

On April 27, 2004 at 16:41:50, Peter Skinner wrote:

>On April 27, 2004 at 15:36:22, Christophe Theron wrote:
>
>>On April 27, 2004 at 13:04:14, Peter Skinner wrote:
>>
>>>On April 27, 2004 at 09:20:26, Günther Simon wrote:
>>>
>>>>"Return-Path: <icd@icdchess.com>
>>>>Received: from marek.org ([213.173.216.226]) by mailin06.sul.t-online.de"
>>>>
>>>>marek.org seems to be a strange site BTW...
>>>>http://www.marek.org/
>>>>
>>>>Günther
>>>
>>>I have recieved the same. Someone on the board probably has ICD Chess in their
>>>address book, and it is sending to everyone in it.
>>>
>>>Just in case I ever do get a worm virus it isn't going anywhere. Just create a
>>>new contact in your address book with the name 0000, and no email address. It
>>>stops the virus from proceeding.
>>>
>>>Peter.
>>
>>
>>
>>I don't see why it would stop a virus from proceeding with the next entry in
>>your address book.
>>
>>Urban legend? Hoax?
>>
>>
>>
>>    Christophe
>
>Most worm virii look for a "person" and an "address" in the address book. When
>the 0000 user is put in you will notice it tops the list in the book, and when
>the virii can not see both criteria it stops, thinking the book is empty.
>
>This is an "old school" trick from when the Melissa virus was circulating and
>still holds true today. There are exceptions to every rule, but for 99.9% of the
>email worms out there it is very effective.
>
>In McAfee version 4 I believe it used to create the 0000 user account
>automatically, but so many people though a virus had done it and McAfee didn't
>stop it, there was a huge decline in business. McAfee of course removed that
>"feature" with the 4.01 patch :)
>
>I will dig around the Symantec website for the actual artical explaining this in
>more detail and post it here. Hopefully I can still find it.
>
>I install the 0000 account on every single computer I work on with the clients I
>service. And the stats do not lie. While the computer maybe infected, there is
>no extra traffic leaving the workstations, thus limiting the damage the virii
>can do.
>
>Like I sad I will dig around and post an actual article that details it more.


Like these?

http://antivirus.about.com/cs/hoaxes/p/000tip.htm
http://vil.nai.com/vil/content/v_99213.htm

I agree with Christophe Theron, I would be worried if someone "knowledgable"
like yourself was providing security advice to me.

• Re: OT received some faked ICD mails today with Bloodhound virus Peter Skinner 10:34:24 04/28/04
  • Re: OT received some faked ICD mails today with Bloodhound virus Zheng Zhixian 08:44:40 04/29/04
    • Re: OT received some faked ICD mails today with Bloodhound virus Peter Skinner 15:57:35 04/29/04
      • Re: OT received some faked ICD mails today with Bloodhound virus Christophe Theron 16:07:04 04/29/04
        • Re: OT received some faked ICD mails today with Bloodhound virus Zheng Zhixian 12:27:46 04/30/04
        • Re: OT received some faked ICD mails today with Bloodhound virus Peter Skinner 18:44:03 04/29/04
          • Re: OT received some faked ICD mails today with Bloodhound virus Christophe Theron 00:01:27 04/30/04
            • Re: OT received some faked ICD mails today with Bloodhound virus margolies,marc 07:38:21 04/30/04
  • Re: OT received some faked ICD mails today with Bloodhound virus Christophe Theron 11:11:39 04/28/04
    • Re: OT received some faked ICD mails today with Bloodhound virus Peter Skinner 14:08:23 04/28/04

This page took 0 seconds to execute

Last modified: Thu, 15 Apr 21 08:11:13 -0700

Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.