BorderManager Defeats MyDoom.M Worm
Novell Cool Solutions: Feature
Digg This -
Posted: 29 Jul 2004
The recent MyDoom.M mail virus, tricked thousands of computer users into spreading a flood of bogus e-mail messages. Internet search sites such as Google, Lycos, Yahoo, and AltaVista were knocked off line for several hours.
There was a silver lining to this cloud for Novell and its engineering teams, however. When other mail servers couldn't defend themselves against the MyDoom virus, Novell BorderManager 3.7 and 3.8 mail proxies spared a number of customers and clients from this attack.
|Recognizing and Dealing with MyDoom.M|
The MyDoom virus is a mass-mailing worm. Its e-mails typically appear with the following characteristics (acme.com represents the recipient's domain name):
Examples : email@example.com
[Spoofed to appear as though it is coming from a valid address at the recipient's domain]
Subject (varies) examples : Mail System Error - Returned Mail Returned mail: see transcript for details
Mail Body (varies)
[Your email account was used to send a huge amount of unsolicited email messages during this week. Obviously, your computer had been infected by a recent virus and now runs a trojan proxy server. We recommend you to follow our instruction in order to keep your computer safe.
The acme.com support team.]
Attachment (varies) examples :acme.com.zip
Do NOT run the attached .zip file, as that will spread the virus. Instead, delete that type of e-mail from both your mailbox and the trash.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com