
A tussle with the Virus world
When we hear the word 'Virus', we panic at the thought of being cheated by
miniature bugs in the software world and find ourselves in a troublesome
situation, especially when we are business users with useful data on the
system. A regular backup of critical data, along with an up-to-date "Anti Virus",
remains the only true friend at the time of attack.
In recent years, the viruses we have heard or talked of mostly come in the form
of e-mail attachments that get unsuspecting users to open a '.pif', '.scr' or even
'.bat' file, or sometimes an '.exe' or '.com' file. Today's news is one such direct
fight with the Virus world and an attempt to trace the root cause of the virus.
One morning, all of a sudden, my POP3 software indicates 'You have 35 new messages'.
I become curious to see what made so many people write to me at once, even though
I checked my mailbox last evening. I curiously start looking at the status of the
messages that are coming into my machine.
Here comes the alert message: your up-to-date anti-virus says 'The mail content
Attachment has virus namely
. ', and you feel as if someone has come in front of
you with a sword in hand, all set to injure you. At least you have solid
protection in the form of an up-to-date anti-virus to fight the opponent; your
trusted anti-virus kills the attachment and lets you relax. The Virus
and Anti-virus war continues for around 20-30 minutes, as every attachment is
more than 200k in size and the mails are numerous. The same process continues,
with the virus sender repeating the act many times as you check your mailbox
throughout the day.
Once all mails are scanned and downloaded after deleting the attachments, your POP3
software shows you the mail headers of all the mails you received. The interesting
part is that these viruses show you a different name and mail ID with every e-mail
sent, misleading you about who the sender is. In fury, you start writing to the mail
owner to remove the said virus at the earliest. Here is where intelligence comes in:
do not write to the mail owner. Most of today's viruses hack the address book and send
mails in your name instead of a unique name.
Use another genuine weapon provided with the e-mail service. Every e-mail
carries a unique ID assigned by the server where it was generated. So get the Internet
Protocol (IP) address of that server, along with the mail ID, from the 'View Full
headers' option of the mail you received. Once you have this piece of information, you
can easily trace the source of the mail. Now open any 'traceroute' software
that provides a facility to trace an IP address from your DNS; you can even use the many
trial-mode IP trace programs available on the Internet. Once we enter the IP,
the software shows detailed information about that IP address, including critical
details such as name, e-mail, abuse e-mail, telephone contact and address, along with
other useful information such as the WHOIS record of the said IP.
So now, write a mail to the owner of that IP address clearly stating the reason,
and stress specific keywords like 'Your immediate attention is needed'. Once
we send the mail, it becomes the utmost duty of the IP owner to uphold our privacy and
take immediate action to stop the mails sent to us. You are sure to get a
reply within six hours, mostly with a message that they apologise for the
same and have stopped the IP user from doing so. You will feel joyous at such
a wonderful facility provided by the IP assigning authority. If the IP owner does
not respond, do not panic; you have another tool. Write to organisations like
CAUCE, spambag etc.; they are sure to help you a lot.
The smart virus sender continues the attack from another location; follow the same
route as earlier. Such virus mails are sure to stop after two or three such
e-mails to the IP owner.
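The header-reading step described above, as an added example that is not part of the original article: it walks the 'Received' lines of the full headers from the newest down and returns the address recorded by your own mail provider's server, because lines written further down by other machines, like the 'From' name, can be forged. The message, host names, addresses and the function name trace_source are constructed for illustration.

```python
import re
from email import message_from_string
from ipaddress import ip_address, ip_network

# Constructed sample: every host name, address and ID below is made up.
RAW = """\
Received: from mx2.myisp.example (mx2.myisp.example [10.0.0.5])
    by pop.myisp.example with ESMTP id A1; Mon, 6 Jan 2003 09:01:07 +0000
Received: from friendly-pc (unknown [203.0.113.45])
    by mx2.myisp.example with SMTP id B2; Mon, 6 Jan 2003 09:01:05 +0000
Received: from mail.bank.example ([198.51.100.7])
    by friendly-pc with SMTP; Mon, 6 Jan 2003 08:00:00 +0000
From: "A Friend" <friend@known.example>
To: me@myisp.example
Subject: your document
Message-ID: <abc123@friendly-pc>

See the attached file.
"""

# Relays inside the provider's own network are not the source.
INTERNAL = [ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# "from <name> ... [<ip>] ... by <server>" as written by the receiving server.
HOP = re.compile(
    r"from\s+(\S+).*?\[(\d{1,3}(?:\.\d{1,3}){3})\].*?\bby\s+([\w.-]+)", re.S)

def trace_source(raw, trusted_domain):
    """Return (ip, claimed_name, message_id) for the machine that handed the
    mail to the first server under trusted_domain, or None if none is found."""
    msg = message_from_string(raw)
    for value in msg.get_all("Received", []):      # newest hop comes first
        m = HOP.search(value)
        if not m:
            continue
        by_host = m.group(3).lower()
        if by_host != trusted_domain and not by_host.endswith("." + trusted_domain):
            break      # written by a machine we do not trust: may be forged
        try:
            ip = ip_address(m.group(2))
        except ValueError:
            continue   # malformed address in the header
        if any(ip in net for net in INTERNAL):
            continue   # hop between the provider's own servers
        return str(ip), m.group(1), msg["Message-ID"]
    return None

if __name__ == "__main__":
    print(trace_source(RAW, "myisp.example"))
```

The returned address and Message-ID are the two items to look up in WHOIS and quote in the mail to the abuse contact.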
The Author 'Umesh B. Sethia' is a System Technology connoisseur and he can be contacted at 'ubs@santronix.com'