Managed Service Provider, NetActive has successfully stopped the mass-mailer Internet worm, known as Badtrans.b, from attacking its network, by using a unique e-mail management and content security interface, which the company launched to the market several weeks ago.
The company`s e-mail management system picked up the worm virus for the first time in the early morning of 26 November, 24 hours before it made the news headlines.
"Customers that are utilising NetActive`s e-mail management and content security service were automatically protected from the attack," says Graeme Slogrove, Director of New Product Research at NetActive. NetActive has blocked over 380 e-mails containing the virus in the period of five days for its own network.
The virus is reported to have a high security threat because it can proliferate itself by being previewed in Outlook express. "The worm utilises a security hole in Internet Explorer to execute itself," says Slogrove.
"The sender will never know if he has a virus on his machine because when it sends itself it adds an underscore symbol to the beginning of the sender`s e-mail address, which will prevent virus notification reply from the receiver`s postmaster. The worm arrives in the recipient`s in-box with a 'Re:` subject line. It sends the virus on messages the recipient has not replied to, thus `tricking` the recipient to think it is a valid reply."
NetActive`s e-mail management system picked up the virus through its File Type feature, which scanned for executable type files. "Because Badtrans.b is a new virus and the general virus updates take place every 24 hours, by scanning all incoming attachments and blocking executable scripts (.exe;.scr;.bat; etc.), we effectively blocked the virus before a patch was even released for virus scanners. Furthermore, since the virus installs a key capture programme, which possibly could be used for future fraud activity, it prevented security breaches and controlled proliferation of the virus," adds Slogrove.
Correlating NetActive`s virus attack reports, Slogrove believes the Badtrans.b attacks are on the increase. Customers who are concerned about these types of virus attacks can implement NetActive`s e-mail management system, which requires no capital outlay, as the application is hosted in NetActive`s Internet Data Centre on its servers. This results in both bandwidth savings for the client, as well as better control over the use of e-mail. A nominal monthly service fee is charged by the company and requires that the domain be held with NetActive. NetActive also offers this management service as a package to other ISPs wishing to install the product at their own premises.
Share