Visit the new ACCC website! (beta)
ACCC Home Page Academic Computing and Communications Center  
Accounts / Passwords Email Labs / Classrooms Telecom Network Security Software Computing and Network Services Education / Teaching Getting Help
 
The A3C Connection, April/May/June 2000 The A3C Connection
April/May/June 2000 Contents Save Yourself from Email Worms How to Connect On Campus On Road From Home Dialin
Broadband: Cable and DSL More on Broadband You Are Not on Campus In-Home LANs More on Home LANs You've Been Hacked About the A3C Connection

Save Yourself from Email Worms (like the Love Bug!)

     
 
     
Never open any email attachment you're not expecting.
 

The first step is to resolve to never open anything that's sent to you as an email attachment unless you were expecting it. (As of now, at least. No worm has ever sent a preliminary email message announcing the imminent arrival of a second email message containing the worm. But I suppose that's just a matter of time.)

  
     
Turn off automatic execution of scripts.
 

But the first step is not enough. Regardless of what email program you use, you must also make sure that your email program never automatically executes scripts that come in email messages. Here's how:

For Eudora:
Select Tools->Options->Viewing Mail and make sure the "Allow executables in HTML content" checkbox is not checked.

For Netscape:
Select Edit->Preferences, then choose Advanced. Make sure the "Enable JavaScript for mail and news" checkbox is not checked.

For Outlook, Internet Explorer, et al.:
This is a huge question, but an easy answer is to stop Windows from executing .vbs scripts when you double-click them. There are instructions for all versions of Windows at: http://www.sophos.com/support/faqs/wsh.html

Microsoft has also provided updates to Office 2000 that close this and a number of related security holes, but these updates also take away some functionality. For a discussion and a download link, see: http://www.officeupdate.com/2000/articles/Out2ksecarticle.htm
CERT's take on this Office vulnerability is a bit different. Confused by Microsoft's and CERT's difference of opinion on how bad this problem is? See NW Fusion's Microsoft, CERT disagree on Internet Explorer patch.

  
     
Turn off ActiveX.
 

I went a bit further and followed CERT's instructions for disabling active scripting in both Netscape and Microsoft products: http://www.cert.org/tech_tips/malicious_code_FAQ.html#steps (Disabling ActiveX is a very good thing; it supports threats that cannot be defended against.)

Disabling active scripting broke GuruNet (http://www.guru.net/), a little one-click information service that I use, but I fixed that by following the instructions to add their Web site to my list of "trusted hosts": http://www.guru.net/support_faq_other.html#ActiveScripting

  
The A3C Connection, April/May/June 2000 Previous:  April/May/June 2000 Contents Next:  How to Connect

2000-7-7  connect@uic.edu
UIC Home Page Search UIC Pages Contact UIC