OT: RE: [AccessD] Fw: Use this patch immediately !

Jim Dettman jimdettman at earthlink.net
Mon Sep 22 10:01:54 CDT 2003 

Rocky,

<<I'm thinking that the ISP is the right place for the anti-virus software
to
be running.  Although this would put and end to a huge industry.>>

  I do and I don't.  One hand it's the logical place to do it, on the other
it can cause all kinds of problems.  Right now, I'm jumping through hoops
with Adelphia to solve a client's VPN problem.  Apparently, in an effort to
slow down viruses  they are filtering ports used by the VPN hardware.  So it
sounds great, but it's not always because they can break applications.  A
recent e-mail from Adelphia:

"   Also, in order to protect the Adelphia network from the Blaster virus
Denial of Service attacks from customers who already have the virus and to
reduce the possibility of other computers being infected, we are blocking
access to ports 135-139, 445 and 553 on our network. This may cause
disruptions if you are using the Microsoft Mail Exchange Server services
feature in your email client software, VPN software (a.k.a.Tunneling
software) to connect to a remote Microsoft Exchange Server, or other similar
remote software that uses one of these ports will be unable to connect. "


  Most software/hardware has work around's, but it's still a PITA to fix
when something that has been working fine suddenly stops.  In this case, I
went through 15 hours of tech support with Netgear, one trip to each site,
and a lot of time to finally figure out that is was them (the VPN had worked
fine from Dec to July).

  Ever try to get your ISP to change anything once it's in place?  It's near
impossible. Took me forever just to get them to admit that they were
blocking (a port scanning log I provided finally backed them into a corner).
And it's still not fixed.  UGH.

Jim Dettman
President,
Online Computer Services of WNY, Inc.
(315) 699-3443
jimdettman at earthlink.net

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Rocky Smolin -
Beach Access Software
Sent: Monday, September 22, 2003 9:28 AM
To: AccessD at databaseadvisors.com
Subject: [AccessD] Fw: Use this patch immediately !


Well, I finally got one. I was beginning to feel left out.

The attachment text reads:

file attachment: patch.exe

This e-mail in its original form contained one or more attached files that
were infected with the W32.Dumaru at mm virus or worm. They have been removed.
For more information on Road Runner's virus filtering initiative, visit our
Help & Member Services pages at http://help.rr.com, or the virus filtering
information page directly at http://help.rr.com/faqs/e_mgsp.html.


As you can see my ISP (Road Runner) filtered it out for me.  Do your ISPs do
this, generally?

I'm thinking that the ISP is the right place for the anti-virus software to
be running.  Although this would put and end to a huge industry.

Rocky

----- Original Message -----
From: "Microsoft" <security at microsoft.com>
To: <bchacc at san.rr.com>
Sent: Monday, September 22, 2003 2:09 AM
Subject: Use this patch immediately !


> ALERT!!!
> This e-mail in its original form contained one or more attached files that
were infected with a virus or worm, or contained another type of security
threat.
>
> The following attachments were infected and have been repaired:
> No attachments are in this category.
>
> The following attachments were deleted due to an inability to clean them:
> 1. patch.exe: W32.Dumaru at mm
>
> The Following attachments were not delivered due to inbound mail policy
violations:
> No attachments are in this category.
>
>
> Road Runner does not contact the sender of the infected attachment(s) in
the event that they were not actually sent from the indicated party.
>
> Please contact the sender directly to alert them of their issue with
infected files if you wish to do so.
>
> For more information on Road Runner's virus filtering initiative, visit
our Help & Member Services pages at http://help.rr.com, or the virus
filtering information page directly at http://help.rr.com/faqs/e_mgsp.html.
>
> ------------ Original message text follows ------------
>
>
> Dear friend , use this Internet Explorer patch now!
> There are dangerous virus in the Internet now!
> More than 500.000 already infected!
>


----------------------------------------------------------------------------
----


>

_______________________________________________
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list