I blocked certain file extensions from entering my client’s network tonight. I am most concerned with exe files and the ever stupid vbs files (aka loveletter variants) that have plagued my client’s network in the past.
I feel like a tirant (sp?) but it had to be done. They NEVER pay attention to my email warnings and even though they have seen the ravage of past viruses/worms that have entered their network, the office manager clicked on a VBS file two weeks after the intial attack. She didn’t learn squat from that.
Well another virus is on the loose, “hibrus” which I am unclear as to the actual damage it can do and another one was let loose late last week “Navidad”.
So, as mundane an pointless as this post is I hope that people learn to watch out for their employer’s network when it comes to file attachments in email. I have taken away the “Frog Blender” and other cutesy shit that comes across.
But fuck it, I have to clean up the damage the last thing I am going to do is let some stupid employee not pay attention, even if they have experienced the ravages of a virus/worm and were warned of files NOT to click on yet somehow they aren’t thinking and do it anyway.
I didn’t want to have to do it but I will not be forced to clean up based on repeated pleas and warnings…
“Oh look, someone in Peru who I don’t know loves me! Let’s see how he has expressed his love!” ::click click::
I’ve been helping people clean up the w32 MTX virus at my college dorm lately, and it’s annoying as hell. Look, doofi (or should that be doofuses?), don’t open the goddamn attachment. In fact, never open the attachment unless it is confirmed separately, or the email is too blatanly detailed for it to be a fake. But since you aren’t capable of distinguishing this, just don’t open it unless it’s been confirmed separately.
On a side note, the source code for Outlook Express needs to ritualistically destroyed in a dark Hindu ritual.
Be glad you can be tyranical with the network if you have to. I used to work in the IT department of a defense contractor in Maryland. You’d think that because of the sensitive nature of their work, they’d be a little more concerned with the security of their systems. Well, you’d think that, but it wouldn’t be true. We had one person in the Engineering department, someone who pretended to know all the ins and outs of computers and networking who reintroduced the same virus into the network 13 times. She’d taken floppies of specs home to work on them, infected her system there and kept transfering the files back and forth. The IT manager had me physically disconnect her machine from the network to try and make his point. It didn’t work though, she just used her neighbor’s. He finally had her visit his office for a ‘Come to Jesus’ meeting. I have no idea what he threatened her with during themeeting, but we never had another problem with her again.
The funny thing is it is opening me up for tons of phone calls:
“My brother sent me a file and it never came through”
"Joe Schmoo from WalMart sent me a file and Outlook says the mail server wouldn’t let it through." (though it’s a virus sent through their servers, we got Ethan the dickhead macro virus from WalMart)
“I don’t understand it, my sister sent me this cute little file, she says it was cleared through her virus software but I can’t view it.”
“So-and-so called me, I accidentally sent the virus that I think was attached from this email my brother sent me.” Worst case scenario…
Well, tough cookies folks I warned them too many damn times over the last two years, they didn’t listen and unleashed the same virus after the initial breakout I am not taking that road again. I am enjoying my working at home situation and unless it’s a problem with my servers or an OS issue I am not going to be take any chances. Simply put they can’t be trusted to weed out the crap that they have been warned about, time and time again.
:rolleyes:
I am 'sposed to help them with the issues on the network but when it comes to simple instructions on what to look for in email they can’t seem to take one second to figure out the email is bullshit and a potential virus about to unleash it’s ravages.
This has been going on for months and months and months. I have been too lax on letting them have personal email as it is, I am now forced (despite the emails and the “Acceptable email and computer use policy”) to restrict their emails.
Sigh, I hate being the bad guy but I can’t let this happen as many viruses can be hidden for periods of time, hiding in back-ups and snag my network unexpectedly…
Not an option, Outlook is on my client’s network and will not change.
Part of the problem is GroupShield for Exchange is a piece of shit.
I run Outlook 2000 on my home computer, I am VERY computer oriented, well duh most of you know that, and in the 6 years I have been on line I have never had a virus, NEVER. I currently run Norton Anti-Virus which works soo much better than McAfee/NAI’s GroupShield (same company) and it has never been a problem.
They run McAfee’s client product on top of GroupShield and not even that caught the loveletter variant but my Norton did. Two lines of defenses and it missed it. I have had to disable McAfee on several computers at my client’s office including removing it completely from my home office machine after several crashes and freezes.
Sorry but McAfee and it’s servers equiv. suck…Norton does not crash my computer and it does a good scan every time I download email…
In any case, Outlook will be a part of our systems but the key is to not let the exe files in to begin with. I don’t care if you have Eudora or any other email client, if you download and click on an exe file that you aren’t familiar with you subject you, your network or your home PC to loads of problems so I decided to disable the exe files on the network…it does not matter what email client you use, you must becareful of the files you execute.
Kudos Techchick. Stick to your guns. you arent there to make sure they can get that rediculous Flash program that telly them how much a stranger loves them, or that Elfbowl game (wont go into the trouble I had with that).
Oh yes,
I love Norton. It really dosen’t put up with any shit.
Norton kicks all kinds of ass. Symantec are the kings.
The Symantec Antivirus Research Centre is well worth checking once in a while, especially when some twonk sends the entire company a forwarded email virus hoax.
I can’t understand why people don’t follow the simple rule of not opening the bloody attachment unless they know it’s genuine. If they get an attachment from someone they know, why don’t they email that person to confirm that they really sent it? If you follow those rules you will be alright. You do not need to send forwarded virus warnings to everyone on the planet.
tech - I think you rock, dudette. As a secretary, you would not believe the crap I end up with in my inbox - I have had just about every virus forwarded to me thanks to the morons in management (hmmm - Morons in Management - possible band name?) who have to open every single attachment they are sent. Me, I delete 'em. I don’t know you, it doesn’t have an extension (.doc, .ppt, .xls, .html, .pdf, etc.) that I recognize, it ain’t getting opened. I am one with the delete button.
How hard is this? Hmm - I do not know this person. Hmm - there are 1/4 million employees at this company. Hmm - there are viruses going around. Hmm - this attachment by virtue of it’s name is not work related. Hmm - let’s OPEN it???
And I don’t think you are acting tyrannical at all - someone has to save people from their own stupidity, right?!!
You did the right thing TC. It’s sad you have to play hardball but so many people either don’t listen, care or know what they’re doing when it comes to email attachments. Don’t beat yourself up for the doing your job well.
That was a support hug. Stick to your guns. Aside from maybe a few rich media e-mail advertisements, anything coming through your corporate e-mail system with a VBScript attached is more likely to do damage than good. It’s a shame to have to ban .exe files, but that’s much better than having to deal with wiped hard drives or infected files making their way back and forth across your servers.
Some of the smartest people I’ve ever met in the Interactive biz are still stupid enough to click on attachments from people they don’t know. There is nothing like that sinking feeling you get when you see 3 or 4 of the same e-mail from different people in your organization pop into your e-mail box at the same time and you just know that someone opened some sort of .vbs worm. E-mail server crashes are no fun.
I sent an email to the powers that be at my client’s office, one of whom is my older brother. I explained to them what I did, why I did it and the fact I did not tell the employees and we would take this on a case by case basis since Group Sheild puts them in a quarantine folder.
He simply sent me a reply that said:
“good”
So I don’t feel so bad today but still I hate being a hard ass about things. On the other side of it, I do enjoy some aspects of being a hard ass, it’s a small power trip.
Soon all their outside employees that have email will be on our email system so we will be able to control that end of it too.
As a Symantec employee, this thread warms the cockles of my heart.
You did the right thing techchick. End-users at times need protection from themselves and the outside world, and it’s nice that you have the authority to offer that protection. I’ve seen far too many situations where techs are expected to do their job, and then are hamstringed by those higher in the food chain who put the kibosh on security measures for the sake of end-user convenience. Of course, it’s ideal if a balance can be found that the majority are happy with, but that just doesn’t always happen.