Now first off, I can’t say whether or not a certain employee got a virus (KAKworm) from a personal email or a business oriented email or not. But, I know this employee gets a lot of fun shit that is not business related at all.
But what pisses me off is that it is company policy not to get personal email on their email accounts. There is a reason for this. We haven’t pushed the issue too hard and I am thinking it’s time that we start enforcing it.
I am on vacation and have been checking the servers from home and GroupShield for our Exchange Server found this virus stemming from this one person.
I hate being the bad guy in this scenario but I had to email her and ask her to tell her friends and family not to send her email attachments anymore. I explained that I hated to sound harsh but the integrity of my network is more important the enjoyment of her personal email. It’s one thing entirely if we get a virus from a business email but a completely different thing if the network is compromised because of an employees need to have cutsie little shit in her inbox.
So, if you are an employee and get cutsie shit in your inbox fucking rethink your inbox and get a Yahoo type account to get this cutsie shit. You are jeapordizing your company’s network each time you open up one of those fucking lame ass files that are not business related.
I realize that having this shit breaks up the monotony of the day but I can tell you that if one of the employees is the source of a virus from a cutsie little fucked up personal email and the network goes down because of it your IT administrator will not be a friend of yours.
While I’m not responsible for maintaining a corporate net anymore (thank God), I have been, and I sympathize. I’m the de facto computer guru for my extended family (particularly on my wife’s side), and I had to help my sister-in-law clean up from the KAK worm myself (she had no clue her system was infected until one of her e-mails to a friend’s business e-mail address was bounced because their system detected the worm). I said another little prayer of thanks that I use a Mac for most of my personal e-mail so that I don’t have to worry about Windows/MS-dependent stuff, cleaned up her system, and configured Eudora for her so that she can stay somewhat healthier.
I would say, however, that once someone’s e-mail address is known to their personal acquaintances, it’s damned difficult, even with the best will in the world, for them to prevent others from sending them things. Having a fairly common first and last name and having been a customer of one of the largest non-AOL ISPs in the country since 1994, I frequently get mail from people who are convinced that my e-mail address belongs to an acquaintance of theirs. I get all sorts of misdirected messages, and I’m still amazed at how many of these people persist in sending their messages to me even after I politely, then less politely, inform them of their error. Short of blocking all attachments, or deactivating their current e-mail account and assigning them a new one, you and the employee are somewhat at the mercy of the user’s “friends” to respect the request.
Techie,
I’m nipping this one in the bud. Our employees do not need to receive attachments from outside e-mail (as in, they don’t send work or get it through the mail) and I’m going to force all attachments to go through my admin mailbox so I can scan them before they go along to the users. (Through Exchange). Just WARNING them that this would be happened (we had a virus a while back too) has prompted them to tell their friends and family to stop sending the shit. Works great, and it’s for the good of the network.
I usually let people know right up front that these are WORKSTATIONS, not to be confused with PC. It’s not a personal computer, it’s a station to do work at. Virus attacks are a pain in my ass, and I won’t tolerate it for your enjoyment of fucking around. I’m not the fun police, but hey- you’re not going to fuck my MY day because you wanted to play a game. Screw you!
Oh, Techie- are you running NT workstations/server? My old NT admin had a setting or something where a user could not execute an .exe file or install software without being logged on as the Admin. I’m going to implement that here, since that should completely take care of the issue. If you want to know how I do it, let me know!
Our company doesn’t mind personal email. It was used a hook to get employees to use email before it became part of the corporate culture.
The rules surrounding it are:
[li]Do your job. If email hinders your performance, it can be removed.[/li][li]Delete those damn attachments after you read them. I don’t want them on the server.[/li][li]Don’t be offensive while using a company address.[/li][li]If i get spam reports and find out spam is coming from my server the perpetrator will regret it.[/li][li]NO CHAIN LETTERS[/li][li]do not send something to an official mail list unless you have authorization.[/li][li]you do not send crap to others in the office that they neither request or want. If anyone sends me a cutesy poem I tell them I don’t want to see that crap. They do it twice and they will be restricted.[/li]While email administrators are not to snoop, any email on our server is our concern. Emails can come to the administrator’s attention through a variety of methods.
I work for the federal government. We run a Windows NitwiT network with MS Exchange and Demon-Fucking Outlook[sup]TM[/sup] as a front-end. Yup, we’ve been hit by every fucking Outlook virus in the past two years. Why? Because some idiot decides to open an attachment. Why do they open it?
Because they have conditioned themselves like CRT-stoned lab rats to automatically open inane fluffspam from their equally moronic “friends” the second the hell-spawned crotch-licking wastes of the bitstream hit their otherwise useless inboxes.
My secretary told me after the last hit that she was “used to getting fun stuff from all sorts of people and she thought it looked interesting.” Funny, since she’s a group secretary, she also happens to have the largest Outlook address book in my department. So she crashed her box and sent the fucking bug to 200 other people.
That’s why we need to have a no personal mail rule. Not to keep viruses out; no amount of security can guarantee that. No, we need to ban personal mail so people don’t get in the habit of opening shit when they don’t know what the fuck is does.
Yeah… Next time that happens here, I’m going to write down the names of everyone who’s mind-controlled Outlook sent me an e-mail. Then, I’ll visit each and every one of them and patiently explain the importance of making sure the attatchment is from someone you know and trust and that they shouldn’t open anything ending in .vbs. Hopefully, this will help them be more informed computer users… Either that, or I’m gonna leave a sack of burning dog poo in their office.
Ummm… how come you all don’t have something like Norton Antivirus running on all yer machines? My Norton autoscans all email attachments for viruses.
Note that 'round here, we don’t need personal email to get our viruses. Our sales guys are just fine at bringing back viruses from their client sites.
[rant-about-cool-product-I-helped-write]
And for all you sysadmins screaming that the attachments take up too much space on your server, I’ve got just the product for you. Takes all those old emails out of your Exchange database and copies 'em off to tape or another hard drive. Users can’t even tell the diffence until they click on the email to open it, and a box pops up to tell them it’s retrieving it from tape/hard drive. Lemme tell ya, it’s a great product, if I say so myself.
[/rant-about-cool-product-I-helped-write]
Hey Athena … I have this great utility too … I did not write it but it works wonders for cleaning up all the virus laden machines that I run into. Sometimes I want to use it on non viral machines of certain boneheads just to ensure that they are safe. It is called fdisk …
heheheheeee, Lazarus, good one. Let me tell you, there’s plenty o’ jokes about using fdisk to “tidy up” a cluttered hard drive in this big ol’ storage software company I work at. Y’know, the challenge in backup software isn’t pulling the stuff OFF the drive. It’s getting it back that’s the headache.
Well, we do run NAV, but it’s not always the solution.
Most Outlook bugs are of two types. The more traditional type hammers one’s machine and replicates itself. Norton can catch those much of the time, but they’re so easy to alter that a few simple changes to the code can force Norton to create a new definition for it. Until that definition is available, local NAV can’t do a thing.
The second type merely replicates itself using the Outlook addy book, and doesn’t cause any internal damage to the individual machines. It does, however, spawn like genital lice, and clogs hell out of mail servers. Again, that’s a matter of waiting on Symantec for a new virus definition as well as setting up MSExchange filters to dump incoming messages unread. Even if it’s only an hour or two before the bug gets controlled, the virulence and communicability of critters like Melissa and ILoveYou are such that beaucoup damage can occur in a very short amount of time.