-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----- Original Message -----
From: "Jennifer L. Gatza" <jenl@AUTO-SERV.COM>
To: <PICLIST@MITVMA.MIT.EDU>
Sent: Thursday, August 15, 2002 8:31 AM
Subject: Re: [PICLIST] [OT]: Worrysome emails


> > I suspect the KLEZ virus works like this:
>
> This is my viewpoint of one Klez propagation method (and, once
> again, I have no factual basis, just reasoning based on the
> experiences of myself and my colleagues):
>
> 1. Infected web servers spider other sites for keywords and/or
> e-mail addresses.  If your e-mail address is not published anywhere
> online, and you don't visit a site hosted on an infected server,
> you will never be affected by Klez.
>
> 2. Klez has its own SMTP engine, so it is not limited to Outlook
> (ok, this one I know for a fact)
>
> 3. To become infected, one typically views an HTML page that hosts
> the viral code.  (This HTML may be via a web browser or HTML mail)
>
> If someone has more accurate information, please share it!  The
> published information that I read seems to leave some gaps (perhaps
> intentionally). This has become a hot topic to several of my
> clients, not to mention a personal curiosity.
>
> Jen

I found http://www.europe.f-secure.com/v-descs/klez.shtml to be very
helpful.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPVvvXwVk8xtQuK+BEQI95wCdHchktmnjW84eRFGKp4IxxyQIikkAmgLK
911LMHohy3EYgbWEnNp1DY+L
=UI6t
-----END PGP SIGNATURE-----

--
http://www.piclist.com hint: PICList Posts must start with ONE topic:
[PIC]:,[SX]:,[AVR]: ->uP ONLY! [EE]:,[OT]: ->Other [BUY]:,[AD]: ->Ads