Home page logo
/

basics logo Security Basics mailing list archives

Re: RE:Probable Trojan
From: Gene <flyersfanindc () yahoo com>
Date: 3 Nov 2003 20:01:54 -0000

In-Reply-To: <LAW11-OE24Uz48oxSF50000a226 () hotmail com>

The problem was not a lack of creative googling, it was a lack of information.  As stated, I failed to ask the obvious 
question.  Had I asked the question, I would have found the answer in 10 seconds or less.

I appreciate the info though.   


Received: (qmail 20039 invoked from network); 3 Nov 2003 16:50:04 -0000
Received: from outgoing2.securityfocus.com (205.206.231.26)
 by mail.securityfocus.com with SMTP; 3 Nov 2003 16:50:04 -0000
Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])
      by outgoing2.securityfocus.com (Postfix) with QMQP
      id 36A4C8F777; Mon,  3 Nov 2003 03:57:28 -0700 (MST)
Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
Precedence: bulk
List-Id: <security-basics.list-id.securityfocus.com>
List-Post: <mailto:security-basics () securityfocus com>
List-Help: <mailto:security-basics-help () securityfocus com>
List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
Delivered-To: mailing list security-basics () securityfocus com
Delivered-To: moderator for security-basics () securityfocus com
Received: (qmail 31437 invoked from network); 31 Oct 2003 00:40:18 -0000
X-Originating-IP: [202.153.39.88]
X-Originating-Email: [se_cur_ity () hotmail com]
From: "morning_wood" <se_cur_ity () hotmail com>
To: "Gene Bransfield" <flyersfanindc () yahoo com>,
      <security-basics () securityfocus com>
Cc: <incidents () securityfocus com>
References: <20031029214745.10351.qmail () web40305 mail yahoo com>
Subject: Re: RE:Probable Trojan
Date: Fri, 31 Oct 2003 12:22:35 +0530
MIME-Version: 1.0
Content-Type: text/plain;
      charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <LAW11-OE24Uz48oxSF50000a226 () hotmail com>
X-OriginalArrivalTime: 31 Oct 2003 06:50:38.0091 (UTC) FILETIME=[4AC7D5B0:01C39F7B]

as I reported in May,

http://lists.netsys.com/pipermail/full-disclosure/2003-May/004872.html

Try to google creativly.


morning_wood


----- Original Message ----- 
From: "Gene Bransfield" <flyersfanindc () yahoo com>
To: <security-basics () securityfocus com>
Cc: <incidents () securityfocus com>
Sent: Thursday, October 30, 2003 3:17 AM
Subject: RE:Probable Trojan


All,

Thank you very much for your information.  I
appreciate everyone's input and I have learned a lot.


Lesson learned: Always ask the obvious question.

The obvious question was: What were you doing with
your AOL account before it was hacked?

The obvious question was asked by the local sysadmin.


One would assume that my buddy would have informed me
about any recent unusual AOL activity (like
unsolicited emails), but it's really my fault for not
asking the obvious question.

Be on the look-out for the InstaKiss email from any
AOL addresses.  They are bogus.  The link associated
brings you to a false AOL login page where usernames
and passwords are harvested for SPAM mongers.  More
info in the link:

http://www.spamsolutions.net/instakiss.asp

I thought my buddy would have been smart enough not to
click on links in unsolicited emails, but alas my
friend is stupid.  I have informed him that he owes me
a case of beer.  I'll be happy to share with the list.

Thanks again,

Gene

__________________________________
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
http://launch.yahoo.com/promos/britneyspears/

--------------------------------------------------------------------------
-
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_incidents_031023
and use priority code SF4.
--------------------------------------------------------------------------
--



---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]