BAGLE.F worm Linux MAIL SERVER problem

Discussion in 'NOD32 version 2 Forum' started by buttollo, Jun 10, 2004.

Thread Status:
Not open for further replies.
  1. buttollo

    buttollo Registered Member

    Joined:
    Jun 10, 2004
    Posts:
    5
    Hello,

    My name is Mihai and I am from Romania.I am very glad that I found this forum because I want to clarify about the BAGLE.F worm how it works.
    I am a reseller of NOD32 and this morning I've received an email from a very important and special client which notified me that this kind of worm is not blocked under Linux Mail Server.The message was encrypted with password and the antivirus software checked it and let the infested email to be delivered in the email account.So, the virus passed the mail server and it was delivered on the workstation.Here, the Norman Antivirus (NVC) has captured it and blocked it...so, how can I explain this to my client?

    Plz help as soon as you can...
    Thank you very much.You're doing a good job...
    I'll have a long, long night...
     
  2. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    dear Mihai, some Bagle variants arrive in emails as a password protected archive. as the archive is locked by a password most antivirus softwares can't peek inside it. so the file isn't scanned. but during decompression the virus is detected. so there is no chance of infection. its quite normal that NOD32 failed to detect it. if you want more information about this bug click here.
     
  3. buttollo

    buttollo Registered Member

    Joined:
    Jun 10, 2004
    Posts:
    5
    Thank You very much for your support ...
    I want to ask you if you know what vendor can defeat on Linux Mail Server this type of infection.Does it exists?

    Thanks again ...
     
  4. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    dear buttollo, glad to be of any help. please visit those links and decide for yourself what do you want. the first one is a software product and the second one is a service.

    Link1 and Link2.
     
Thread Status:
Not open for further replies.