Progress…
Well, things are shaping up a little better today on some fronts. My webhosting provider apologized for the offensive tone of the subject of their message to me. (Given that they provided the script that they warned me about.) And they’ve taken my suggestion to pass word along to ALL of their customers that have the script in their account that they should find an alternative and get rid of cgiemail. The fact is cgiemail as a script has not been maintained in several years and there are other options out there. I encourage ANYONE using it to look into replacements.
Well, in some small way I feel as though spammers may have a few fewer options.
Unfortunately though, just summarizing the latest log excerpts. There are around 666 unique IP addresses that have tried accessing cgi-bin/cgiemail on my server in the last 4 days since this started. Again, they cover most of the internet, I’ve only traced a few, but one traced to high speed isp in the northeastern US, another to a k12 school domain in the southwest US, I traced one to an ISP in Japan, another to an ISP in Brazil.
The fact is this (666) is the tip of the iceberg of the number of machines on the internet that in some way are “owned” by someone other than the person sitting at them. Unfortunately, I’ve known some people to blow off the idea of having a virus by saying “well, I don’t use it that much, I hardly ever send any mail, so I doubt I’d be sending much of anything out.” A lot of folks just don’t get it. Let me repeat here what I have had to repeat to customers more times that I can count.
Now. Windows is the most commonly installed operating system. It also is BY FAR the most targeted by virus writers. There are on average 100 new viruses released EVERY MONTH targeting windows operating systems. (According to www.sarc.com) Some are more effective than others. If you’re running an Apple Mac or a Linux/Unix desktop then viruses are more of a nuisance (deleting harmless email messages.) There are Mac/Linux viruses, but they are VERY few and far between (_maybe_ 1 a year discovered….)
When your system has a virus. It can send out copies of itself as long as 1) the power is on, and 2) the machine is connected to the internet. The monitor can be off, there can be no one in the house. It can be still churning out more viruses, and these days spam, or it could simply be hosting as a download site for free copies of Microsoft Office that someone has pirated. All without ANYONE at the machine noticing (except maybe a cut in bandwidth.) These days viruses have made quite a bit of “progress” in running on a machine without the instability that used to be the earmark of a viral infection. (There are exceptions of course…)
So here’s what I tell my customers. You need to have antivirus that is kept up – to – date. How often, ?? If you’re on dial-up once a week may be enough, Broadband, let it update daily if there’s an update it can receive. Also, make sure that your connection is firewalled. If you have no idea what this means, find someone to help you. Your solitaire/web/email appliance could be helping spammers/software pirates and who knows what other groups that would rather someone else be caught with illicit goods than themselves.
Interesting related article Viruses nip Russia
Think about how eager you’d be to see a police car in the drive with a warrant to search your computer for serving up child pornography before you blow off the importance of keeping your antivirus up to date.
browser hijacking risks
There are a few good resources for free antivirus. Grisoft is one that I recommend. Also, if you’re interested in finding out more about the built in firewall in Windows XP, go to and search for Windows XP firewall.
Good luck!