Virus?

Page 1 of 3  
I received an email from the Microsoft Outlook account manager. You said they went the email while testing my pop3 account. Is this a virus? I can't see why Microsoft would sent me an email, or test my pop3 settings as I am not with them.
--
--

Checked by AVG anti-virus system (http://www.grisoft.com ).
Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Spell checker, so again...
I received an email from the Microsoft Outlook account manager. It said they sent the email while testing my pop3 account. Is this a virus? I can't see why Microsoft would sent me an email, or test my pop3 settings as I am not with them.
I have read that there are many emails around with fake Microsoft addresses, and that Microsoft do not email people. I deleted it.
--
--

Checked by AVG anti-virus system (http://www.grisoft.com ).
Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
IMM wrote:

MICROSOFT NEVER SEND E-MAILS. At least the 'we priduce windows' as opposed to 'we attempt to run what we pretend to be an internet service provision busimness (MSN.com)'

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

as
addresses,
I think you mean Microsoft never send emails containing patches. I have plenty of genuine emails from Microsoft notifying me of their vulnerabilities and the patches available - however, the patches themselves are never sent via email.
D
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
IMM wrote:

Almost certainly a virus. Do you have a virus scanner? Worthwhile these days. Keeps you out of hot water. There we are. Back on topic.
IanC
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
says...

Probably not. When you set up your email account in Outlook you probably hit the "Test Settings" button. This creates a test message, sends it to your SMTP server, then gets it from your POP server.

They didn't - you did. Notice that the message is from you? I just tried it and here's the message:
Subject: Microsoft Outlook Test Message
Content: This is an e-mail message sent automatically by Microsoft Outlook's Account Manager while testing the settings for your POP3 account.
--
Hywel I do not eat quiche
http://hyweljenkins.co.uk /
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
writes

Do you really need to ask ?
C'mon John, you can't be that stupid
(you could try posting emails which make sense though)
--
raden

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload


So are you saying that it is a virus? From what the OP has (badly) copied & pasted, I'd say it isn't. It's just the message that Outlook creates to test email account settings.
--
Hywel

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

said
settings as

I did a test and it is an email Outlook sends to you (from yourself to yourself). There is nothing to indicate that it will do that though. Also there are numerous emails around with Microsoft addresses.
--
--

Checked by AVG anti-virus system (http://www.grisoft.com ).
Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

as
Maxie, have you had any Microsoft emails?
--
--

Checked by AVG anti-virus system (http://www.grisoft.com ).
Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Probably not, but there have been a number of mails purporting to be from Microsoft recently which even have correct URLs and links for support. They claim to be software updates but actually have virus or trojan horse attachments. Microsoft does not distribute software updates by email.
Over the weekend I received an email purporting to be from PayPal asking me to verify my account details. This again looked genuine and had a URL to a web site inviting one to fill in personal data including bank account and credit card details. Some simple checking revealed that the site was in Korea.
Looking at mail headers for the originating domains or addresses or relays used along the way is normally revealing. These can be spoofed, but the majority of these scam messages are not that well done.
It is important to use a virus scanner and maintain the subscription. Again this is not 100% foolproof but is another layer of protection.
Good practice is to use multiple means of protection, ideally from different vendors.
If you have any form of "broadband" or always on connection, you have the additional threat of attacks via the internet. This is possible on dial up connections but statistically not as likely since connection periods are shorter and addresses tend to change for each connection, making a concerted attack less likely.
Unfortunately a lot of people with "broadband" connections do not have firewalls or even know about the need or have the skills to implement. These are very easy sitting ducks to target for the hacker.
Using software firewalls on Microsoft "operating systems" is better than nothing, but not much better than nothing and can lead to a sense of false security. Again, the ideal is to use multiple layers of protection from different vendors.
.andy
To email, substitute .nospam with .gl
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Andy Hall wrote:

Hi
Metronet started offering a firewall at their end last week, with a couple of optionally open ports in case you're running HTTP ot SMTP servers.
Do any or many other ISPs offer this?
IanC
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Ian Clowes wrote:

possibly, but I wouldn't touch a firewall thatcame from an ISP.
Roll yer own. Therare planty of NAT style routers that go on broadband systems and give you 95% protection or better for under 100 squids, and allow several; PC's to use the line.
Run a virus detector on the PC and thats 99% of what you need under YOUR control.
I run beghind a cisco ISDN router, for historical reasons. My PC doesn't even HAVE a publically accesible IP address, and can't be hacked withot first hacking the Cisco. Which might be possible, but I couldn't do it.

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Not forgetting to check for IOS upgrades, since this is not totally immune to attack.....
.andy
To email, substitute .nospam with .gl
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

servers.
If on broadband, cheap routers are around (50 from PC World?). Put one of these on and the IP addresses behind it are invisible to the outside world, then have your PC on one of these addresses. Then have a software firewall on your PC too. If on broadband a router is imperative. Easy to set up.
--
--

Checked by AVG anti-virus system (http://www.grisoft.com ).
Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

You are referring to NAT (Network Address Translation). Yes, this does add quite a lot to protecting a small network, but the firmware in low end routers is limited and some products can be compromised quite easily. However, this is better than nothing and does raise the bar to casual hackers.

On Windows that is almost pointless because the underlying "OS" is unstable and vulnerable for networking.    An intermediate firewall running Linux or xBSD is more solid.

.andy
To email, substitute .nospam with .gl
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

I can tell everyone a story about this situation as follows.
NTL put cable modem into our area about 3 years ago. I immediately signed up. Cable modem was duly installed. Then my problems began.....
My W2K server randomly restarted. I'm not talking here about a graceful Windows shutdown and restart - it was just as though someone had hit the reset button or power cycled the PC - from Windows to hard reboot instantaneously. Now you see it, now you don't.....I was watching the server console when this happened so I know exactly what it looked like - one minute you have a friendly Windows interface looking at you, and an instant later the bios is running its self tests.
I purchased two high quality software firewalls (well I thought they were high quality anyway!). Wingate and Conseal. Tried both, did not cure the problem, still got random restarts on the server - which was configured to act as a gateway for the other PCs on the network (two NIC cards). Tried both firewalls together - no dice.
I lost my C: drive as a direct result of this - one time it would not restart, I presume the disk had been scrambled. Fortunately I had done a full backup with Norton Ghost the evening before so it didn't compromise me for more than half an hour (see other thread about backups).
Raised the issue on a technical forum which I had access to. One knowledgeable chap who knows about these things asked for my IP address and we agreed a time - 10pm one evening. At that time he configured his system to attack my IP address (purely in the interests of investigation - it's his day job and he doesn't do this to suckers who aren't expecting it). Sure enough, within 30 seconds of the attack starting (I was watching the cable modem lights buzzing) my server bombed, so guilty party found - it was the cable modem connection allowing some nasties to come in.
Another expert advised that I should buy a Netgear FR314, which is a firewall router. I believe this runs Linux and one of the better known firewalls. From the day it arrived I never again saw a phantom restart, and the FR314's log files show multiple attacks taking place every single day.
For anyone on ADSL Netgear (and other companies) offer a similar device to the FR314 - the latter is for cable modem only.
The main problem with a software firewall installed on a PC (and the reason these didn't work for me) is that before the software firewall has a chance to monitor and intercept the traffic, that traffic has to come into the PC NIC card. And if the attack is designed to attack the NIC then the firewall just won't stop the attack. Cheaper NICs (which I have) aren't very robust to attacks which take place.
Much better IMHO to have a hardware (or Linux box) firewall sitting on picket duty between the incoming connection and the PC network. That way the PC doesn't get to receive the bad guys - they are stopped at the entrance gate by the hardware firewall.
PoP
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

of
world,
Yes of course, but far more complexity and expense. A simple software firewall and a cheapo router gives 100 times more protection than nothing at all.

--
--

Checked by AVG anti-virus system (http://www.grisoft.com ).
Version: 6.0.520 / Virus Database: 318 - Release Date: 18/09/2003
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Actually not because you can reuse an old machine and the software is free. There are firewall distribution packages that are not any more complicated than a dedicated firewall/router.
Using both is better still.

.andy
To email, substitute .nospam with .gl
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

If we are talking "always on", then to me it seems far simpler for Joe Average to get a router cum firewall one box solution. It could even be running some form of U**x inside (to appease the hair-shirt brigade), who knows. (I don't, nor do I care.)

Isn't this like wearing two condoms ? Your foil hat is slipping off...
--
Mail john rather than nospam...

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Related Threads

    HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.