Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: New MyDoom or Netsky variant?
From: Timothy Chase <timothychase () gmail com>
Date: Mon, 19 Jul 2004 19:54:56 -0700

Sorry --  I see Mary was replying to Vic.  I got distracted right in
the middle of writing the email.  Two dabbers.

67.68.216.161
200.119.233.137


On Mon, 19 Jul 2004 19:26:39 -0700, Timothy Chase
<timothychase () gmail com> wrote:
Mary,

You have a good eye!

According to Sophos, there is a new  W32/MyDoom-N, and they have
updated their signature files accordingly.  You can expect that all
the major antivirus companies will quickly follow suite if they
haven't already.

I just had a Dabber on ports 5554 and 8967...  Old stuff, but the bug
is helping me debug.



On Mon, 19 Jul 2004 16:42:04 -0700 (PDT), mnv () alumni princeton edu
<mnv () alumni princeton edu> wrote:
FWIW:
Using NAV Pro 10.0.1.13, Virus Def's updated today, to
7/17/2004 defs.  Received 3 emails, 44kb attachment,
none detected as a virus.

BODY OF EMAIL:
The original message was received at Tue, 20 Jul 2004
11:21:16 +1200
from alumni.princeton.edu [(IP here varies each email)

----- The following addresses had permanent fatal
errors -----
<mnv () alumni princeton edu>

----- Transcript of session follows -----
  while talking to alumni.princeton.edu.:
MAIL From:"Automatic Email Delivery Software"
<postmaster () alumni princeton edu>
<<< 501 "Automatic Email Delivery Software"
<postmaster () alumni princeton edu>...
Refused

ATTACHMENTS:
message.zip
letter.com
pni.zip

Subjects:
Test
<none>
Returned mail: Data format error

And a 4th, subject "Deliveryfailed" that just shows up
as garbage text in the body, webmail indicates
attachment present.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]