Spam Assassin
| RivNet BBS | Berri payments | sircam virus |
Code Red virus | peachy virus
HalfLife server Renmark ITC Sulfbnk Virus Hoax Web Mail
Badtrans virus Peace virus Newpic virus Nimda virus
Anti spam links Check your connect speed
January 19 2004
Virus Warning - Beagle worm
Please be aware of the Beagle Virus which has been detected in the Riverland.
It simply has "Hi" in the subject line. Delete it if you do not know the person it is from, and even maybe if you do! The virus looks for address books.Full details are here....
http://www.sarc.com/avcenter/venc/data/w32.beagle.a@mm.htmlRemember that the best defence against viruses is to not open ANY attachments which come from anyone that you do not know. And use an anti-virus package which is up to date to protect you from people that you DO know!
Possible Virus/Worm
We have observed a number of emails purporting to be from Microsoft, offering update patches which are attached. It is highly likely that these are dangerous files, as Microsoft do not mailout patches.
The subject is "Current Internet Security Patch."
One account here received three such emails in 30 minutes, all under different file names, and subjects. We recommend that you delete any of these emails, and do NOT run the exe attachment.
Attachments named installation3.exe, upgrade1463.exe, and pack.exe have been seen.August 14
Blaster Virus
This virus has received a lot of publicity over the past few days. It affects Windows XP systems, and you do need to protect your system.Just go to the Microsoft site, and click on "UPDATE: Actions for Blaster worm", and follow the instructions. They are not complicated.
They will guide you through enabling your Internet Connection Firewall, then adding a software patch. You can run it from their site, or download it and run it.
Another good site is the symantec (Norton) site for more information.August 5
Virus pretends to be email from admin@riverland.net.au
One of the sneakiest viruses to date began spreading across the Internet this weekend. We didn't send it, I promise: we have never used the admin address.
Mimail (more info from Symantec) poses as an email from a potential victim's own sysadmin or ISP, suggesting that a user's email account is about to expire.
Potential victims are urged to open an attachment message.zip, containing a copy of the virus.
Users who unzip the file find another innocent-looking HTML file inside, named 'message.html'.
This file contains an embedded EXE file, when opened in vulnerable versions of Internet Explorer, will drop an executable named foo.exe and run it. More information on the IE MHTML vulnerability used here can be found in an April 2003 advisory by Microsoft.
On infected machines, the virus searches for email addresses on a user's hard drive. Mimail uses its own SMTP server to spread sending copies of the malicious code to email addresses harvested from an infected PCs.
June 19Domain Name warning
In response to some enquiries that we have had, here is a message being circulated by auDA.Consumer Alert
Issued by auDA - 18 June 2003
RegardingLetter/Fax from Domain Names Australia Pty Ltd
auDA has become aware that an company named Domain Names Australia Pty
Ltd (DNA) is sending letters and or faxes to some domain name
registrants regarding the .com version of their .au domain name being
available or unregistered.The communication is headed "Domain Unregistered" and could, in auDA's
opinion, be easily mistaken for an invoice. To this extent, auDA
considers that the communication could be misleading or deceptive.auDA believes that registrants should be aware that DNA is a company
controlled by Mr Chesley Rafferty, who is also a Director of Internet
Registry Pty Ltd.Both Mr Rafferty and Internet Registry Pty Ltd have been the subject of
previous media releases by auDA which can be located at:http://www.auda.org.au/about/news/2002070802.html
http://www.auda.org.au/about/news/2002072902.html
http://www.auda.org.au/about/news/2002090902.html
http://www.auda.org.au/about/news/2002092002.html
http://www.auda.org.au/about/news/2002092602.html
Chris DisspainCEO - auDA
June 4
Bandwidth UpgradeWe have just increased the bandwidth of our internet connection. We had a "side effect" for a while: some of our customers were having problems with on-line banking. We believe the problem to be fixed now, but please call us if things aren't working.
In case you need it, a quick fix was to put a proxy-server setting in your browser. This setting is a good thing anyway, you can leave it there permanently.
For Internet Explorer users, open Explorer, then go to TOOLS, INTERNET OPTIONS, CONNECTIONS, SETTINGS, then click in "Use Proxy Server", and enter the following in the address field: proxy.riverland.net.au and 8080 for the port number. Then close and re-start Internet Explorer.
On a different topic: we have received several calls from customers advising that they have been notified that they are sending a virus. The problem is mainly caused by a user who has the customer's address in their address book, and virus pretends that it came from someone else. It is wise to do a virus scan anyway.
May 22 2003
Virus warning
Keep your anti-virus software up to date, and don't open unknown attachments. There is a new virus circulating which pretends to be from support@microsoft.com.The virus arrives via email with one of the following subject names: Re: My application, Re: Movie, Cool screensaver, Screensavers, Re: My details, Your password, Re: Approved (Red. 3394-65467), Approved (Ref. 38446-263), Your details.
Within this emails is an infectious attachment of filetype .pif, .pi or .uue. Selection of these filetypes is random. If you double click of the attachment, you will get infected. It scans files (with .dbx, .eml, .htm, .html, .txt, and .wab) for fresh prospects for infection.
April 8 2003
New Banking Details
For those customers who pay by EFT, please note our new bank details. There are listed on our homepage under Business Details.
March 21 2003
New links on kids' safe internet page
We have added two more links to the Kids Safe Internet page which are worth bookmarking if you have children using your Internet account. They are the top two of the list.Take a look here.
September 17
Field Days Competition winners
The Riverland Computers lucky prize draws at site 124 (Riverland Computers, Renmark) are Denis Barrett of Barmera (Epson C41UX printer), and
Tracy Jones of Barmera (Pinnacle Studio DV8).Thanks to all who participated!
September 16
Plan Payments for Loxton district customers
Payments can now be made at Scarfes Electronics in East Terrace, Loxton.
Remember that Rohan can only process payments for our pre-paid plans, and if you are still operating a casual account, it would pay you to chat with Rohan about getting more hours per dollar!
See how you can save with our pre-paid plans here.
June 26
3 millionth log-in prize won!
A gift basket of great Dairy Farmers products to the value of around $70.00 went to Hentschke Transport of Loxton, who were our 3,000,000th hit... Congratulations folks!They will also will receive a FREE Plan 2 donated by Riverland Internet.
So, smoko will be a hit in their canteen for a while!May 7 - Klez virus
Watch out for this one.......it's a nuisance.Full details here.
April 17
Now you can minimise the amount of junk mail hitting your mailbox.
Check out our "Spam Assassin" filtering system and see if it can help you.
Click here.
March 26 - "Security Update" virusBeware of a virus via email pretending to be from Microsoft, and claims to be a "Security Update".
It's not, click here for details.
There is also a hoax doing the rounds called "A virtual card for you". It doesn't exist, so don't waste bandwidth telling all your friends as it requests.Check it out here, and perhaps bookmark this site's Home to refer to in future, so you can check the virus gossip for yourself!
VMyths is a good site for hoax information too.March 21 - Anti-spam links
We have all noticed the growth of junk mail, and know how annoying it is.
Here is a list of links showing how various organisations approach the problem.
The first link offers further links if you are motivated to take further action.
Check them out, and be prepared to take the time to learn what you can do to minimise this niusance!You may like to search for more information with the search engines too.
http://help.apexmail.net/e/info2/antispamnotes.html
http://www.sheldonbrown.com/spam.html
http://www.ecofuture.org/jnkmail.html
http://helpdesk.gwu.edu/helpdesk/manuals/mailfilter/spam.html
http://ist.uwaterloo.ca/ew/software/spamtips.html
http://spamcop.net - to report unsolicited mail.
February 19 - HalfLife server opens
We are now hosting our own Halflife Deathmatch server for use by our
customers - Details can be found at http://games.riverland.net.au.February 14 - Renmark gets ITC for public use
The Internet Technology Centre at the Renmark Paringa Community centre was opened on Feb. 6, and is now available for public use.
Services offered include Internet use, computer use, printing, scanning, and CD burning, all at affordable prices for all members of the community.
The centre is located at:
86 Nineteenth Street, Renmark, 5341
Ph 8586 5745, fax 8586 5377
email: admin@rpcci.org.au
January 18 - Check your speed
Here are a couple of links to speed testing sites. Note that they only indicate your speed at the time, and many factors affect connection speeds.
Use them as guides only.Site 1
Site 2
(This site has links to other sites if you want to play the field.)
January 3 - sulfbnk.exe virus hoax
Some of you may have received an email telling you to remove a file because it is a virus....NOT TRUE! It is a valid Windows file!
It's a "virus" that makes you do the dirty work!As far as we know, removing the file does no damage, but it can be restored -
do a search on the web for the word "sulfbnk" for more info.
December 6 - WebMail online now!
Now you can read your Riverland email even when your computer isn't handy!
You can get email from any computer with net access, (library, net cafe etc.) and from anywhere in the world.Plus, you can preview what is in your inbox, and remove any messages which are large enough to cause problems downloading, or are taking too long. It can do most things that a normal email program can do.
To use it, click on the WebMail link, then enter your username and password, and after a short pause, it will display your Inbox. (Not the mail itself yet). To delete an item, click in the relevant box, then scroll down to the trash can and click it.
Just click on a message to read it. Try it!
Reading your messages from here will not remove them from your mailbox unless you intentionally delete them.After reading a message, remember to click on INBOX to return to your list of mail. It seems to work better than using your BACK and FORWARD buttons in your browser.
There is a permanent link on the homepage in the green bar in the centre.
Also you can remember the address...webmail.riverland.net.au and bookmark it.
Although many users will find this useful, it isn't intended to replace a fully featured email program.The webmail is more expensive to use, as you have to stay on-line while you read and write your messages, which can take a while.
We use and support the Eudora free email program, ask us how!
Send your comments and queries to Postmaster.
November 27 - "Badtrans" virus alert
The badtrans virus is very active now, and you need to be aware that a real risk exists of being infected.Details are here. Note that you are advised that all files should be backed up before attempting to remove this one.
Like most viruses, it exploits weaknesses in Outlook Express. A patch to correct the problem is at :
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp
However, a better choice of email program is the best long term protection from email viruses.
We suggest a version of Eudora from our Fast Download area, and you will be protected from most virus infections.
The virus situation will only worsen, so perhaps it's time to consider this option.At the very least, obtain a good anti-virus application, and keep it up to date.
We continue to notify users who we detect have a virus, and remind you that, if no action is taken to remove it, the account is locked to protect our customers until we are notified that the relevant machine is clean.
September 25
VIRUS ALERT W32.Vote.A@mm
W32.Vote.A@mm is a mass-mailing worm written in the Visual Basic language.When executed, this worm will attempt to email itself to all contacts in the Microsoft Outlook address book, and delete files.
The email will appear as follows.Subject: Fwd:Peace BeTweeN AmeriCa and IsLaM!
Message:
Hi
iS iT A waR Against AmeriCa Or IsLaM !?
Let's Vote To Live in Peace!NOTE! Attachment: WTC.EXE Recognise it and don't open it!
More info at:
http://www.symantec.com/avcenter/venc/data/w32.vote.a@mm.html
September 21
VIRUS ALERT w32.nimda virusThis is a particularly active virus, and it is hitting the riverland.
It spreads in several ways, and you can get it without opening an attachment, although one of the methods it spreads is through an attachment called readme.exe. So, be ready if it tries to infect you by that method.
There are more information links below, but the best protection at the moment
is up-to-date anti-virus software.If you have been putting off taking virus threats seriously, this is the one to change your mind because of the ways it spreads.
We can conquer it if we act responsibly.We stress that, even if you are virus-wise,
you can get and spread this one before you know it!So we urge you to obtain and use a current anti-virus package.
LINKS for more info:
http://www.sarc.com/avcenter/venc/data/w32.nimda.a@mm.html
http://www.itnews.com.au/story.cfm?ID=7927
http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2811488,00.html
August 20
We've had a couple of calls over the past week or so regarding strange happenings with MSN Instant Messenger.
We have since discovered that this IS a non-destructive virus - Troj_newpic.A. For more info, and removal instructions, check out: http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=TROJ_NEWPIC.A
This virus only affects Microsoft products.
A substitute for MSN messenger is ICQ, from www.icq.comVirus scanning - your responsibility!
It's true that our mailserver does scan incoming email for a couple of the common "Microsoft email viruses", and catches some every day.
But it won't catch them all: except for stopping email, there's no guaranteed way to do that.
Please don't think that your email is safe because of our virus scanning!August 15
A scam NOT involving internet!
Here's a story to tell your friends about, and it can happen to anyone with a cellphone!
Mobile phone users should note that there is a new scam circulating that is transmitted as a SMS text message.
The SMS message reads something like:
"Please call me on 09011500065 Urgent - From KB".
Do not call this number:
it is a premium phone line that charges $5 per minute. When you call, you will get an engaged tone. This is not a real engaged tone, but a recorded sound.
Callers who redial will be charged the $5 fee for each attempt. The SMS has been generated from an overseas source.
Optus is currently looking into whether these messages can be blocked. In the meantime, users are urged to delete the message and make any family, friends or colleagues aware of the problem".August 13
Businesses, be aware; plus, another virus
With the impending launch of the new .BIZ and .INFO domain extensions starting October 01, businesses should be aware of two things.
First, they should give some thought to considering if they could benefit, and prepare to register a name.
Second, they will probably be getting spam mail urging them to pre-register a name that they may want. However, they should note that there is no way that pre-registering gives them any advantage, and they should not make any payments, as pre-registration can not be guaranteed to become permanent.For more information, check out the ClicknGo site.
Now, a PDF virus -
VBS_PEACHYPDF.A is a proof of concept worm that propagates via Microsoft Outlook.
It arrives in an email as a PDF file attachment with an embedded Visual Basic Script.
If the PDF file is opened and the computer has Adobe Acrobat installed, the embedded VB Script is executed.
From the infected computer, the worm sends email with itself as a PDF attachment to no more than 100 recipients in the BCC: (blind carbon copy) field. The subject, message body, and file attachment name vary.
An example of the email that this worm may come in as follows:
Subject: Fw: Find the peach Body: Try Finding the peach =)
Attachment: FIND THE PEACH.PDF
Again, don't open unknown attachments, especially if they look like this one, mentioning the peach.
Eudora, Netscape and Pegasus users should not be affected, but still trash it if someone sends it to you.
August 1
Code Red worm
The CodeRed Worm affects Microsoft Index Server 2.0 and the Windows 2000 Indexing service on computers running Microsoft Windows NT 4.0 and Windows 2000 that run IIS 4.0 and 5.0 Web servers. The worm uses a known buffer overflow vulnerability contained in the file Idq.dll. Information about this vulnerability and a Microsoft patch is located at:
http://www.microsoft.com/technet/security/bulletin/MS01-033.aspSystem administrators are encouraged to apply the Microsoft patch to prevent infection from this worm and other unauthorized access.
July 26
Virus Alert; Berri customer payments.
Virus Alert-PLEASE READ (removal link at end)
Please watch for a new and nasty virus known as W32/sircam. It is carried in attachments, and several Riverland Internet customers are infected.Consequently, if you are in their address books, you are at risk too.
W32/Sircam can infect a machine in one of two ways:
* When executed by opening an email attachment containing the malicious code
* By copying itself into unprotected network shares
Propagation Via Email
The virus can appear in an email message written in either English or Spanish with a seemingly random subject line. All known versions of W32/Sircam use the following format in the body of the message:
Hi! How are you?
[middle line]
See you later. Thanks
Where [middle line] is one of the following:
I send you this file in order to have your advice
I hope you like the file that I sendo you
I hope you can help me with this file that I send
This is the file with the information you ask for
Users who receive copies of the malicious code through electronic mail might recognize the sender. We encourage users to avoid opening attachments received through electronic mail, regardless of the sender's name, without prior knowledge of the origin of the file or a valid digital signature.
The email message will contain an attachment whose name matches the subject line and has a double file extension (e.g. subject.ZIP.BAT or subject.DOC.EXE). The CERT/CC has confirmed reports that the first extension may be .DOC, .XLS, or .ZIP. Anti-virus vendors have referred to additional extensions, including .GIF, .JPG, .JPEG, .MPEG, .MOV, .MPG, .PDF, .PNG, and .PS. The second extension will be .EXE, .COM, .BAT, .PIF, or .LNK. The attached file contains both the malicious code and the contents of a file copied from an infected system.
You really don't want this one in your PC!If you HAVE opened the attachment, download the removal software here.
Berri Customer Payments
As from August 1st, 2001, J.C. Irvings in Berri will no longer be collecting Riverland Internet payments.
But, there are several alternative ways for you to pay your account with us that you can take advantage of.
1.
You can use our secure server to make payments with your credit card while online, just go to https://swww.riverland.net.au/payment.
You need to know the user name and password for the account that you want to pay.
2.
You can use your credit card and make a payment over the phone.
Call 8586 6425 during business hours. Again, you need to know the user name of the account that you want to pay.
3.
You can send us a cheque or money order through the post.
Our Mailing address is :- Riverland Internet P.O. Box 832 Renmark S.A. 5341 Please indicate which username the payment if for. (on the back of the cheque would do)
4.
You can do a direct deposit in to our bank account and then e-mail us the details.
Our account details are,
Bank - National Australia Bank Limited
Account Name - Riverland Internet
Account BSB Number - 085 878
Account Number - 68678 9770
e-mail the details of the payment to accounts@riverland.net.au.
Or, if you or a friend makes a trip to Renmark for any reason, call in to Riverland Computers during business hours and make a payment with either credit card, cash or cheque.
July 12
New, improved community board!
We have just upgraded our community bulletin board.
Now it's easier to navigate, and we've added some categories to simplify posting and browsing messages.
The messages on the old board had to disappear, so re-post anything important on the new board under the relevant category if you like.
Take the time to check it out....you can lodge For Sale notices, publicise Coming Events, and even comment on stories in The Murray Pioneer!
July 3
Now that the financial year has rolled over, we have simplified the process of providing tax invoices for situations where you may have lost the original emailed ones.
When you check your account details now, you will see a new link which will list all your tax invoices for the year, and enable you to print them. Quick & easy!
Have your username and password ready, and take a look.
We have had a couple of reports of a virus which is contained in an attachment on an email marked "From Denise". It's not mentioned on the virus sites, so it may be a variation of an existing one. However, both local reports said that it was destructive. So delete any emails "from Denise".Finally, here's a link for those who would like to build a website without the complication of learning the techniques. It just uses the "drag & drop" principle!
Now anyone can make a web site!
Let's know how you go.http://www.homestead.com/personalsplash.html
PO Box 832
Renmark SA
5341Phone: 8586 6425
Fax : 8586 6999
28786
email us: info@riverland.net.au
