August 23, 2003
Life Is Sobig as Hysteria Swamps The Net
The Sobig explosion that's sweeping the Internet both amuses and disappoints me. So I seek pardon for any (unintended) puns associated with this virus' name. If last weekend was a crippling power failure spread across North America, this week it's so big and yet so small. But I've read so much about the extent of the infection. Heard dire pronouncements about what more's in store. And directly experienced the power of the attack. The virus affected the business I work for and our email relationships with people across the Net.
Over the past 24 hours, we attracted over 4,000 infected mails. Some direct mailings from a virus-infected computer. Others from mail server postmaster accounts bouncing infected mail to a spoofed account. The really intelligent postmaster programs only sent a notification that infected mail couldn't be delivered.
In a way I'm glad I still use Avast at work. All mail delivered into Outlook is scanned. So every Sobig-infected message, including "bounces" with an infected attachment, was detected and quarantined. Not so my colleagues who, despite having an updated Norton Antivirus 2001 (NAV) installed on their desktops, fell victim.
Contrast an updated Norton Anti-Virus 2001 copy unable to detect Sobig with Trend Micro's free online Housecall service that not only detected and quarantined Sobig, but also discovered 6 other Trojans on one of my office computers! Housecall only works with IE as it has to download and run an ActiveX control.
If you have an Exchange server (still) lacking an antivirus, GFI is offering a free version of their Mail Security for Exchange/SMTP. This uses a single BitDefender antivirus engine that will be updated for 1 year. The full suite, available as a 60-day trial, uses multiple engines to reduce infection risks.
I think NAV is high-on-publicity software that falls woefully short on detection and action. In contrast, McAfee's VirusScan may have a very early-Nineties interface but is more effective at detecting and removing virus infections. Equally good, if somewhat interface-crippled, is free antivirus software like Avast's Home version and the equally effective AVG Free edition.
And finally, not about Sobig. With the air waves and dead-tree products flooded with information about this virus, its variants, effects, and aftershocks, I'm not going to write about it as well. Instead, I recommend Trend Micro's System Cleaner as an efficient system virus detection and removal utility. There are separate versions for existing Trend product users and everyone else. Both are free as are the update files.
I recommend visiting Virus Bulletin, an independent anti-virus advice provider whose VB100 Award reviews and rates anti-virus software using their own test-bed. You can view monthly summaries of these tests. Being informed is half the battle against security threats won!
Another interesting site is SecurityFocus, which offers articles and critiques about security-related information. Read this article about how the Blaster worm will (hopefully) serve as a wake-up call for system administrators!
I haven't recommended automated Microsoft updates to Windows because past versions often broke working components. But the Windows 2000 Service Pack 4's auto-notification service leaves me pleasantly surprised. Naturally, this service works best when you have a high-speed (>64 kbps) Net connection. Although Win 2K's Service Pack 3 too included this feature, I never did install SP3 because of Web reports that it had bugs. The one time I did update with SP3, it crashed my home PC, requiring a complete reinstall! Windows Service Packs are cumulative and include all updates released previous to the patch, including older Service Packs. But with a difference, as each new Pack includes updated versions of older patches and always works better than a previous one!
With all this big static over a virus, some interesting software updates seem to have slipped past us. There's a new MyIE2 version (0.8.350) available that you should upgrade to. This fixes a number of bugs plaguing previous 0.8.x builds plus lots of new features. I've also heard a rumor that the next version will be a standalone browser that no longer depends on IE being installed.
Also new is Opera 7.20 Beta 5 (Build 3073), which fixes redraw, clock, fast forward and other minor issues not fixed in Beta 4 (Build 3069). The complete change log for Beta 4 has been published. Beta 4 builds are also available for Linux x86 and FreeBSD.
My advice when upgrading Opera Betas to prevent previous build code from interfering with the latest version is to uninstall the software. This process doesn't zap your custom settings. Or even lose the pages that were last open. But it does remove all executable files of the previous version. And ensure that the new Beta performs fantastically.
Thunderbird tests are still inconclusive. The interface's better than Mozilla's Mail & News but the learning curve for this Outlook Express user is still steep! To ensure extra security there appears to be a speed trade off and downloading mail from POP3 accounts takes ages. I've decided to discard it for the present and continue to use Popcorn as an alternate. But the MozillaFirebird 0.6.1 browser rocks!
G Menon