The most deadly viruses, able to cripple your e-mail system and corporate network in minutes, are being distributed worldwide via e-mail in a matter of hours (for example, the LoveLetter virus). E-mail worms and viruses can reach your system and infect users through harmful attachments. But that's not all! Some viruses are transmitted through harmless looking e-mail messages and can run automatically without the need for user intervention (like the Nimda virus). Are you covered against such threats?
You can find out with a free vulnerability check on your e-mail system by going to the GFI E-mail Security Test Internet Web site. There you sign up to test for these real world threats by simply entering your name and e-mail address. You will receive an e-mail asking you to confirm your request by clicking on a response link, after which the company will perform a vulnerability check of your e-mail system. You will receive the results by e-mail.
How the Tests Work and How to Interpret Them
These tests are designed to detect whether your e-mail system is safeguarded against a number of e-mail-borne threats. Some of the tests execute automatically, demonstrating vulnerabilities within Outlook and other e-mail clients which run the files automatically upon receiving or viewing the message. Others require the end user to run the attachment.
For tests involving an e-mail attachment, such as the VBS attachment and the CLSID extension vulnerability tests, if you can run the attached file in the test e-mail, then you are vulnerable. The test will create a file on your desktop called gfi-test.txt, which contains vital system information. If you are unable to run the attachment, this means you have effective desktop-level protection. For a network to be secure against this type of vulnerability, every machine on that network must have such client-based protection installed, including your servers.
For the MIME header and ActiveX vulnerability tests, if the text file gfi-test.txt appears on your desktop, then you are vulnerable to the exploit being tested for. In this case, gfi-test.txt is created automatically and contains vital system information.
If you do not receive a test e-mail that you requested, this should mean that you are protected against that particular vulnerability—the test e-mail will have been quarantined or blocked at mail server level.
Test Safety Guarantee
GFI guarantees that these tests are very safe and do not do anything dangerous.
GFI is a leading worldwide supplier of security and communication tools for NT/2000 administrators. GFI's product range consists of FAXmaker fax server software, Mail Essentials e-mail security, content checking and anti-virus software, and LANguard network security software. Founded in 1992, GFI is a global company with offices in USA, Germany, France, Australia, Malta, and the UK. GFI is a privately-held company, and employs 55.
Detecting network attacks and other security breaching schemes is as much an art as a science, and that is not likely to change any time soon. There is also no lack of systems for detecting security breaches. IT managers can avail themselves of a variety of software tools, services and appliances ranging from firewalls to intrusion detection systems to log analysis programs to managed service providers. That is the science. Mastering the art of detecting the actions of a motivated, inventive attacker takes human detectives who are just as ingenious and relentless as their opponents.
This article is reprinted from the Fallbrook PC Users Group Newsletter.
