I've received a TON of these already.

There are several levels of protection every webmaster should be using -
-- www.Mailwasher.net - Lets you preview the email on your servers before downloading it to your PC - you can delete and bounce directly from your email server with Mailwasher. Free for 1 addy, but you can buy it to serve all of them.
-- Norton AntiVirus - or any good antivirus software. Make sure you have the "automatically update virus definitions" on to keep it current!!!
-- www.ZoneAlarm.com - one of the best firewalls available, it also covers email attachments to a certain degree. Free for basic (last I knew), or license "Pro" a year at a time.

'High Alert' For New Internet Worm Jan. 27, 2004

(CBS) Anti-virus software companies are warning of a new e-mail worm that is "generating e-mail at a faster rate than SoBig," according to Network Associate's Megan Grentner. The company has classified the worm, dubbed "Mydoom" as "high alert." The worm is also known as "Novarg" or "W2.novarg."

Symantec has given Mydoom a rating of four on a five point scale. They have never issued a five, so the company considers it "a very serious threat," according to Sharon Ruckman, Symantec's Senior Director of Security Response.

The virus infects machines running Microsoft Windows. It does not go after Macintosh and other operating systems.

Although I haven't been infected, I've received several e-mails containing the virus, including two from fellow technology journalists. I would have been infected, had I clicked on the attached files.

The email containing the worm may look like a message from a system administrator with a subject line such as "Mail Delivery System," "Mail Transaction Failed" or "Test." The subject line might also say "hi" or something else. The message will contain an attached file and may also contain some text such as "The message contains Unicode characters and has been sent as a binary attachment" or "The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment."

The actual virus is contained in an executable attached file that could be a zip file such as "document.zip" or "doc.zip." You will become infected if you click on that attached file.

The virus, according to Ruckman, will plant a "key logging" program on your computer that can record your keystrokes and collect user names and passwords. It also opens up a backdoor to your system that makes it easier for a hacker to break in.

If your machine is infected, it will help spread the virus by sending it to people in your address book which is why I received copies of it from people I know.

Symantec says that it also launches a denial of service attack against the Web site of Santa Cruz Operations, a Lindon, Utah software company that is involved in legal actions against IBM and other companies regarding the Linux operating system. A spokesperson for Santa Cruz Operations would not confirm that the company has been under attack but the company's Web site, www.sco.com, was responding slowly Monday afternoon and Tuesday morning. There are some reports that the worm will cause infected computers to launch a denial of service attack against Santa Cruz Operations on Feb. 1.

The worm is having an impact on overall Internet performance according to Keynote Systems, a performance-monitoring firm in San Mateo, Calif. The company said that "The performance of the top 40 business Web sites in the United States slowed down with average download speeds averaging over 4.0 seconds," compared to a typical speed of 2 to 3 seconds.

Keynote said that performance improved Tuesday morning but was still slightly slower than normal.

Mydoom follows closely on the heels of the Bagel worm that spread through email systems last week.

As always, your best defense against viruses and worms includes never opening attached files - even if from someone you know - unless you are expecting them. You should also be running anti-virus software that is regularly updated over the Internet.


A syndicated technology columnist for nearly two decades, Larry Magid serves as on air Technology Analyst for CBS Radio News. His technology reports can be heard several times a week on the CBS Radio Network. Magid is the author of several books including "The Little PC Book."


Got a PC question? Visit www.PCAnswer.com.


By Larry Magid
İMMIV, CBS Broadcasting Inc. All Rights Reserved.