I would like to be removed from the list----unsubscribed---- Omar wrote: > >>My computer says the attachments from this recent posting from "anhvu" on > >>the listserve are infected. DO NOT OPEN!!! > >> > >> > >>From: anhvu <[log in to unmask]> > > This was immediately suspicious. A one-hundred kilobyte message? > > I hope that list members will refrain from posting attachments to this > list. And also from posting in HTML fomat. Sending attachments to a > list is generally a bad idea and virus infections may be spread by > code imbedded in HTML messages that calls the virus when the message > is opened from a machine that is still online. Anything that > absolutely needs to be distributed can be posted on the web and the > URL announced on the list. The defunct e-groups issued all of their > electronic forums with a "vault" expressly for file distribution. > > CODE RED WORM > > If you who may be running WinNT or Win2000 operating systems and have > not expressly taken precautions to protect yourself you are exposed to > attack. The worm is a parasite that enables those who distribute it to > control infected machines remotely via the Windows IIS Personal Web > Server. Estimates are that some 100,000 personal computers around the > world are now Code Red zombies. Most people operating infected > machines are unaware of the presence of a virus that has turned their > machines collectively into a powerful weapon in the hands of persons > unknown. > > The worm enters your computer while you are online by probing your > ports and entering, typically, through port 80, if it finds it open. A > friend of mine who is online most of the time intercepts 5 to 10 of > these worms a day. The first massive attack on July 1st infected more > than 300,000 machines world wide in the space of twelve hours. A > second wave occurred on August 1st, a third is expected on Saturday, > September 1st. > > Please investigate this yourselves. Check to see whether or not you > are running Microsoft Personal Web server - some implementations of > Windows install this as default. If you are, then assume that you are > infected. Check the Microsoft web site and take steps to remove the > worm and then either shut down IIS or download and install the MS > patch to protect yourself from the worm if you continue to use IIS. > The patch is not effective if your machine is already infected. > > The worm does not appear to be designed to damage your system or your > hardware, but rather to use your equipment for purposes that are > impossible to ascertain. > > Best regards, > > Omar > > To join or leave this LISTSERV list, please visit the list's web interface at: > http://listserv.muohio.edu/archives/ateg.html > and select "Join or leave the list" > > Visit ATEG's web site at http://ateg.org/ To join or leave this LISTSERV list, please visit the list's web interface at: http://listserv.muohio.edu/archives/ateg.html and select "Join or leave the list" Visit ATEG's web site at http://ateg.org/