Ntl
MulderMan
04-15-2004, 10:36 AM
Well, my dad received a letter from NTL yesterday accusing me of sending a 'virus' over my connection, and next time it happens my account will be suspended. So I put the virus scanner on today and found a lot of instances of netsky_p I think; anyway, it's gone now. But how do ISPs expect to let you get rid of it without giving the virus details? And I thought they can't monitor what sites you go on and what you do under the Data Protection Act? And isn't it a bit obvious, if they know it's Netsky, that I'm not the one sending the virus, as Netsky has its own SMTP engine, right?
mbossman2
04-15-2004, 11:31 AM
Many companies build defenses into their network, and the more sophisticated they are, the less likely they can identify the actual "virus". I know this sounds strange, but many companies have moved away from "signature" defined/based defenses to more "end result" defenses. What that means is, the defense looks at the traffic, decides that the end result of this attack is X, X is bad, so the traffic is blocked and the packets are discarded.
What is the advantage of this? Well, there may be 100 ways to cause X. Traditional network/system defense manufacturers look at each of the 100 ways, create signature filters for each one, load those into the signature file and they get loaded. Everything is good... right up until way 101 of causing X is created... no signature for #101, #101 gets through and does its dirty work.
If, on the other hand, you have an end result based defense, it doesn't matter that someone developed the 101st or 110th or 5000th way of causing X; all the defense is looking for is result X. If the command(s) cause X, then they are bad, no matter what appearance they take, so KILL IT.
So the network that has this type of defense may not know (and does not care) what, specifically, the virus is, just that there is one, and while it is dead in that stream of traffic, I know where it came from, so I'll tell them (you) to deal with it.
Welcome to the world of the self healing and self defending networks.
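An added illustration of the signature versus "end result" contrast described in the post above (not part of the original thread and not any ISP's actual system). It assumes the "end result" of interest is a subscriber delivering mail directly to many servers instead of through the ISP relay; the addresses, payload tags, threshold and function names are all constructed for the example.

```python
from collections import defaultdict

# Constructed flow records: (subscriber, destination, dest_port, payload_tag).
# payload_tag stands in for whatever a content scanner would fingerprint.
RELAY = "192.0.2.25"  # hypothetical ISP mail relay
FLOWS = [("10.0.0.5", RELAY, 25, "clean")]
# 10.0.0.7 carries a payload the signature file knows; 10.0.0.9 carries "way #101".
for i in range(1, 6):
    FLOWS.append(("10.0.0.7", f"198.51.100.{i}", 25, "variant-001"))
    FLOWS.append(("10.0.0.9", f"203.0.113.{i}", 25, "variant-101"))
FLOWS.append(("10.0.0.9", "203.0.113.80", 80, "clean"))

KNOWN_SIGNATURES = {"variant-001", "variant-002"}  # constructed signature file


def signature_hits(flows, signatures):
    """Flag subscribers whose traffic matches a known payload fingerprint."""
    return {src for src, _dst, _port, tag in flows if tag in signatures}


def end_result_hits(flows, relays, max_direct_peers=3):
    """Flag subscribers that deliver mail directly to many servers,
    bypassing the ISP relay, whatever the payload looks like."""
    peers = defaultdict(set)
    for src, dst, port, _tag in flows:
        if port == 25 and dst not in relays:
            peers[src].add(dst)
    return {src for src, dsts in peers.items() if len(dsts) > max_direct_peers}


if __name__ == "__main__":
    print("signature :", sorted(signature_hits(FLOWS, KNOWN_SIGNATURES)))
    print("end result:", sorted(end_result_hits(FLOWS, {RELAY})))
```

The behaviour-based check flags both subscribers but can only report where the traffic came from, not which virus produced it.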
MulderMan
04-15-2004, 11:34 AM
Thanks man, that's explained a lot.
mbossman2
04-15-2004, 11:39 AM
Darn, I wish my customers (who are supposed to be tech savvy) picked it up as quickly as you appear to have!!
Now you need to have real time virus protection running at all times and on auto update, and some kind of firewall. Using broadband without both is like going into a pneumonia ward without a face mask.