On Thu, Jan 27, 2000 at 07:58:07PM -0500, Paul Kallstrom wrote:
> BTW, I'm not sure he tried to distribute it; I'd be more inclined to think
> that
> he's not very security conscious. (He IS using windows, after all).
Indeed, the "beauty" of happy99 is that it inserts itself into winsock
and then intercepts all attempts to connect to port 119 or 25 and
replaces the body of a normal piece of mail with itself. It takes no
coercing to do its thing -- it just waits for the victim to send mail or
post to lusenet and hijacks the post. The most annoying feature is that
you can't merely discard the item, since the sender thinks they sent
something and will screeam bloody murder if you drop their infected mail.
Well, that and the autospam from broken virus scanning packages....
--
Brian Moore | Of course vi is God's editor.
Sysadmin, C/Perl Hacker | If He used Emacs, He'd still be waiting
Usenet Vandal | for it to load on the seventh day.
Netscum, Bane of Elves.
