Corporate response to individuals that send virus infected documents through
Brad Slanker
letter to individuals that send infected documents through to a company?
Does anyone have any examples? Thanks everyone.
-Brad
Charles Fish
people that are sending viruses have NO IDEA that there are doing
so...
Mostly attachments to email, excell macros, word macros, happy99,
prettypark.... the normal lot.
When the postmaster detects a virus, it sends me a message that
Sender of the infected attachment: John Doe
Recipient of the infected attachment: Jane Doe\Inbox
Subject of the message: New message
One or more attachments were quarantined.
Attachment Happy99.exe was Quarantined for the following reasons:
Virus Happy99.Worm was found.
I try to contact the sender and "inform them they may have a virus",
and offer help if I can.
MOST of the people I talk with
1. Have NO AV SOFTAWRE
2. DEFINIIONS REALLY OUTDATED
3. DO NOT SCAN THEIR SYSTEMS.
Nothing formal. (yet)
Sharkman
company. I store the mail server virus alerts, group them by
original sender, and if someone seems to be sending a number of
infected docs, I alert them, offering pointers.
In article <5qiO4.265858$Hq3.6...@news2.rdc1.on.home.com>,
756373323...@756373.636F6D.747 (Jack) wrote:
>
>I've got a copy of a formal bounce from a country's offices of
an
>international accounting firm stating no email containing
attachments are
>accepted under any circumstances.
>
>Perhaps more effective than your knuckle-wrap after the fact.
-- Tom R. Earlywine
Posting e-mail address does not constitute request for Commercial Email.
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!
Nick FitzGerald
> Does anyone know if it is common practice for a company to send a formal
> letter to individuals that send infected documents through to a company?
Some companies do.
More *should*.
A few go as far as making it a matter of contractual necessity
that their suupliers and contractors will *not* supply them
with viruses. Contractually-agreed responses to failure in
such cases include black-listing the faulty party from
consideration for future contracts. These terms should be
*absolutes*. This has two benefits -- it prevents legalistic
back-peddling by an offender on irrelevant grounds ("it was so
new our AV software did not detect it") and thus it tends to
focus responsible attention on quality assurance issues that
can be taken to ensure that such "unfortunate incidents"
cannot occur. That's what I'd call a win/win situation.
> Does anyone have any examples? Thanks everyone.
Sorry...
--
Nick FitzGerald
Zvi Netiv
> Does anyone know if it is common practice for a company to send a formal
> letter to individuals that send infected documents through to a company?
Sensible people will refrain from such "formality", for good reasons:
- It isn't uncommon that AV products false alarm where there is no
virus at all. "Reputable" products too.
- AV producers disagree as to what is considered virus code. A simple
and recent example is text flagged by one AV product as containing a
VBS worm, where others give it a clean bill of health. There are much
more trickier examples.
- Under some legal systems, sending such letter may put the sender in
an unpleasant situation, like being subject to libel suit, or of
damages, etc.
Discrete advice, preferably verbal, to the sender of an apparently
infected file, should be in order.
If you realize that tomorow YOU may be the one that sends an
apparently bogus file, then it will help you scaling your reaction.
> Does anyone have any examples? Thanks everyone.
There should be "smashing" examples in the Mafia archives. ;)
Regards, Zvi
--------------------------------------------------------------------
NetZ Computing Ltd. ISRAEL Tel. +972 3 9386868 Fax +972 3 9386869
InVircible AntiVirus Software, ResQ Disk and Data Recovery Utilities
Homepage: http://www.invircible.com E-mail: Sup...@invircible.com
--------------------------------------------------------------------
Raid Slam
<5FF74871E48A9649.6BF92CAE...@lp.airnews.ne
t>, Zvi Netiv <z...@invircible.com> wrote:
>Sensible people will refrain from such "formality", for good
>reasons:
>
>- It isn't uncommon that AV products false alarm where there is
>no virus at all. "Reputable" products too.
It's not uncommon for Inviricible to claim it's
detected/disinfected something when nothing was there to
detect/disinfect in the first place. It's not uncommon for
invircible to consume large amounts of your hard disk space, and
provide you with little to no defense against viruses and other
malware. It's not uncommon when asked about this that Zvi Netiv
won't personally attack yourself and/or your company.
>- AV producers disagree as to what is considered virus code. A
>simple and recent example is text flagged by one AV product as
>containing a VBS worm, where others give it a clean bill of
>health. There are much more trickier examples.
AV producers disagree on many things. One thing they do not
disagree on however is that Fact that Zvi Netiv is what's known
as "a snakeoil salesman". He'd try to sell you life insurance on
your death bed.
Regards,
Raid [SLAM]
#
> AV producers disagree on many things. One thing they do not
> disagree on however is that Fact that Zvi Netiv is what's known
> as "a snakeoil salesman". He'd try to sell you life insurance on
> your death bed.
>
> Regards,
> Raid [SLAM]
Hmm, the same sort of salesman who'd sell you fire insurance while you stood in your house with a can of
petrol in one hand and a lighted match in the other............?
:-)
Sharkman
does not To: or From: fields in reports. Although it was
annoying before that it showed the display name, not the e-mail
address, now it shows nothing. Support said they had no idea why
it was taken out. *sigh* <rhetorical> Why do software companies
do crap like this? </rhetorical>
-- Tom R. Earlywine
Posting e-mail address does not constitute request for Commercial Email.
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *