E-Mail has become a lot of business day-to-day office of the main mode of communication, in the virus everywhere today, e-mail has become a way to spread the virus, many enterprises are suffering from the mail virus harm. As an enterprise user's network management, how can comprehensively guard against the mail virus the erosion, to the Enterprise daily Office creates a safe application environment?
Definition and characteristics of mail virus
"Mail virus" in fact, like ordinary computer viruses, only because they are transmitted mainly through e-mail, it is called "Mail virus." "Mail Virus" is mainly to make the user's computer infected with the virus, or become a hacker in the hands of the chicken. "Mail Virus" in addition to the common virus can be transmitted, executable, destructive, and trigger characteristics, there are several characteristics:
1, infection speed: In a stand-alone environment, the virus can only through the U disk or CD-ROM media, from one computer to another, and in the network, you can through such as e-mail network communication mechanism for rapid spread. According to the measurement, for a typical PC network in normal use, as long as one workstation has a virus, can be in a few 10 minutes online hundreds of computers all infected.
2, spread widely: because the e-mail not only in a single enterprise within the spread, which directly causes the "mail virus" spread not only fast, but also a wide range of proliferation, not only can quickly infect all computers in the LAN, but also through the virus in a flash spread to thousands of miles away.
Figure a powerful "small mailman" mail virus
3, remove virus difficulties: computer viruses can sometimes be deleted by deleting the file, format the hard drive and other measures to remove the virus thoroughly. And the computer in the enterprise once infected with the virus, clean up the virus becomes very difficult, just complete the cleanup work of the computer is likely to be infected with another network of poison workstation, making the mail virus becomes very difficult.
4, destructive: The network of computers infected with the mail virus, will directly affect the work of the network, light to reduce speed, affect work efficiency, heavy network and computer crashes, data loss.
5, concealment: Mail virus compared with other viruses, more covert. Generally speaking, the mail virus is usually concealed in the mail attachment, or the letter stationery, this will speed up the spread of the virus to some extent, but also increase the difficulty of killing the virus.
Eyes identify mail virus
To prevent mail virus, must be able to accurately identify the mail virus, especially the enterprise network management personnel, must be trained to identify the mail virus "eyes". After mastering the characteristics of "mail virus", it helps network administrators to identify mail viruses. Below, the author introduces some skills to identify "mail virus".
1, see Attachment size: E-mail attachment is usually the "mail virus" the best carrier, by looking at the size of the attachment, you can identify whether the e-mail is carrying a virus. In general, a Word document attachment size of about dozens of K, a picture around 50K (clarity, size will have a very large gap), if the e-mail message is found that the attachment is hundreds of k, then the message may carry a virus.
Figure two normal word attachment sizes in a message
2, look at the e-mail address: "Mail virus" of the communicators will usually use some unfamiliar e-mail address, when received from a strange address mail, be sure to be extra careful. If this kind of mail has an attachment, be cautious, such a message has a very large likelihood is the carrier of the virus. For messages from unfamiliar addresses, after looking at the email address, look at the content of the mail, if the content is irrelevant and not related to the work, the basic can determine that the message is the carrier of the virus.
3, identify the authenticity of the letter: When the user writes a message, if the recipient's e-mail address is incorrectly written, the mail server will automatically return the message. Some "mail virus" communicators, usually use camouflage to spread the virus, because there is usually an attachment in the letter of return, writing the text of the user's message. Once the user has turned on the fake mail server system and viewed the attachment, "mail virus" will infect the user's computer. To this end, enterprise users must identify the authenticity of the letter. The way to identify the authenticity of the letter is very simple, look at the e-mail address can be. For example, NetEase's letter of withdrawal, its sender shows as postmaster@126.com.
Figure 3,126 The system of the mailbox back letter
There is no denying that many anti-virus software has the ability to kill "mail Virus", because the "mail virus" has a very strong concealment, anti-virus software monitoring may not be accurate. To this end, network management in the identification of "mail virus", preferably according to the "Mail virus" characteristics of identification, rather than relying too much on anti-virus software.