Home page logo
/

nanog logo nanog mailing list archives

Re: email virus ==> over the top
From: Joel Jaeggli <joelja () darkwing uoregon edu>
Date: Thu, 21 Aug 2003 11:51:56 -0700 (PDT)


On Thu, 21 Aug 2003, neal rauhauser wrote:



  No one loves me and I don't get much email from the folks who tolerate
me. I just got back from having lunch with some guys who tolerate me and
I found scads of messages from all over -the funniest among the bunch
for our Nanog readers:

<user>@cisco.com
<user>@tacnet.com
<user>@wcom.com
<user>@sprint.com

it (sobig) forges the source email address using the same set of files
that it looks in to find email adresses to send to... So all you can
insure is that the user sending it to you is on some mailing list you're
on or your email address is in their browser cache someplace... you have 
to look at the source ip address for the first hop to identify the 
culprit...

joelja
 

  Looks like my internetwork equipment vendor and my two favorite peers
have their Windoze stuff in a complete state of 'higgledy piggledy' - a
technical term from Bloom County cartoons, for those not old enough to
remember.


  I hate to rub it in, but I've got fifty days of uptime on everything
I'm responsible for and the only reason it isn't a hundred and fifty is
due to me taking them down for an OS upgrade.
  
root         1  0.0  0.1   552    0  ??  ILs   3Jul03   0:01.56
/sbin/init --


  Windows is a question presented to each of us. Some find their answer
here ==> http://freebsd.org


-- 
-------------------------------------------------------------------------- 
Joel Jaeggli           Unix Consulting         joelja () darkwing uoregon edu    
GPG Key Fingerprint:     5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault