As the Mydoom worm blasts through the Internet, enterprises and individuals can take steps to protect against its infection, according to a security expert from Symantec's security response team.
Alfred Huger, the senior director of engineering with Symantec's virus watch group, suggested that organizations filter at the gateway for Mydoom's various subject headings. They include: test, hi, hello, Mail Delivery System, Mail Transaction Failed, Server Report, Status, and Error.
"Start dropping mail with those subject lines immediately," recommended Huger. But because filtering for those generic subject headings may also drop some valid messages, organizations should be prepared to cull the deferred messages before deletion, he said.
Other tactics users and companies can take include the typical -- update virus definitions at both the gateway and on desktops -- and the unusual. "Make sure that no one in the enterprise is using Kazaa," he said, noting that Mydoom can spread through that peer-to-peer software as well as via e-mail.
Like other recent worms, Mydoom can disguise its payload as any number of file types. But while most are automatically blocked by newer versions of e-mail clients, such as the popular Microsoft Outlook, some are not, most notably the .zip extension.