?

Log in

No account? Create an account
Viruses - brad's life — LiveJournal [entries|archive|friends|userinfo]
Brad Fitzpatrick

[ website | bradfitz.com ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Viruses [May. 3rd, 2005|09:40 am]
Brad Fitzpatrick
Checking my mail this morning, I got over 200 copies of whatever new Windows virus is going around.

I'd setup ClamAV but I'm lazy and hate mail. Anybody got a procmail rule for this latest annoyance? It's always 75k with a zip file attached.
LinkReply

Comments:
[User Picture]From: garrettpalm
2005-05-03 04:44 pm (UTC)
Yeah, I got that at work from one of the hedge funds we invest in.

I'm really trusting them with our millions...
(Reply) (Thread)
[User Picture]From: lakeguy
2005-05-03 05:49 pm (UTC)
at least you didn't get the virus yourself
(Reply) (Thread)
[User Picture]From: brad
2005-05-03 05:50 pm (UTC)
I don't even worry about that, using Linux.
(Reply) (Parent) (Thread)
[User Picture]From: scsi
2005-05-03 06:03 pm (UTC)
Maybe just suffer with setting up clamav once and be done with it rather than deal with the daily flavor of windows virus bullshit and procmail rules?
ClamAV also detects phishing stuff too (so I hear) so it'll catch more than just viruses.
(Reply) (Thread)
[User Picture]From: brad
2005-05-03 06:04 pm (UTC)
You looking for a new sysadmin job now? :-)
(Reply) (Parent) (Thread)
[User Picture]From: scsi
2005-05-03 06:09 pm (UTC)
Heh, looking for a new journal site to acquire? :-)
(Reply) (Parent) (Thread)
From: evan
2005-05-03 06:34 pm (UTC)
It'd be hilarious if Brad ended up hiring someone as a personal sysadmin. Like a personal assistant, but instead of managing your life, a personal sysadmin just manages your computers. Hell, I could use one.
(Reply) (Parent) (Thread)
[User Picture]From: brad
2005-05-03 06:35 pm (UTC)
I have enough work for one, and Frank's reliable, trustworthy, and is recently out his sysadmin job. It might be a good idea.
(Reply) (Parent) (Thread)
From: evan
2005-05-03 06:43 pm (UTC)
He's only allowed to do it if he talks like that personal assistant from the Simpsons.
(Reply) (Parent) (Thread)
[User Picture]From: scsi
2005-05-03 07:00 pm (UTC)
Me: Uh, mr Fitzpatrick, your server is having problem
Brad: Exceleeeeeeeeeeeeeent smithers..er.. Frank.
Me: Sir, this is a bad thing
Brad: Exceleeeeeeeeeeeent! Get my car!
(Reply) (Parent) (Thread)
[User Picture]From: bostonsteamer
2005-05-03 09:37 pm (UTC)
s/car/porsche/
(Reply) (Parent) (Thread)
[User Picture]From: ckd
2005-05-03 07:01 pm (UTC)
I do in fact know of someone who hired what was, in effect, a personal sysadmin. This was back when you couldn't just buy hosting and DSL from any of a number of places, so you had to build it yourself or hire someone to build it for you.
(Reply) (Parent) (Thread)
[User Picture]From: ydna
2005-05-03 07:01 pm (UTC)
I don't particularly care for how this recipe disposes the messages into some directory and I never bothered figuring out how to make it do something different (/dev/null preferably), but here's one that sorta catches the shit before SpamAssassin goes to town on it:

# Nikos K. Kantarakias' procmail virus recipes
# See details at http://www.freshmeat.net/yavr/
# or maybe at http://www.aphrodite-studios.gr/nkvir/
# (it seems to move around)
# Do the following once in a while (URL seems to move around)?
# curl http://s92562228.onlinehome.us/yavr/nkvir-rc.gz | gzip -dc > /etc/procmailrcs/nkvir-rc

INCLUDERC=/etc/procmailrcs/nkvir-rc

# Spamassassin is entirely TOO easy to use

:0fw: spamassassin.lock
* < 256000
| spamc

(Reply) (Thread)
[User Picture]From: taral
2005-05-03 08:16 pm (UTC)
Just reject emails containing /name="[^"]*\.zip"/. :)
(Reply) (Thread)