|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Shock news - NANOG likely to carry less operational content
I never received any of those mailings. Never ever. Are specific people being targeted? A quick scan of the machine that sent this reveals what appears to be a MS Personal Webserver running on a Winblows machine: $ telnet 168.212.244.134 80 Trying 168.212.244.134... Connected to 168.212.244.134. Escape character is '^]'. GET / HTTP/1.0 HTTP/1.0 200 OK Server: Microsoft-PWS-95/2.0 Date: Fri, 14 Jan 2000 18:09:01 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Sun, 22 Aug 1999 05:10:40 GMT Content-Length: 2117 [snip] Let me take a good guess about the security of this system, given that it seems to run a version of this server from 1997. Tanks are rolling. bye,Kai At Friday 11:34 AM 1/14/00 , William Allen Simpson wrote: >I've received several of these the past month, with valid operational >subject lines, and all trying to get me to click and run an .exe. >Good thing I read my email on a Mac! > >They are using the operational list persons as targets! Shall the >operational folks get together and find them? > >Alex Bligh wrote: > > > > I *believe* (really hope) this SPAM impersonating a NANOG poster > > replying to a thread (traceroute doesn't go through pacrim.net). > > > > Op content: > > > > If so, be prepared for all sorts of being accused of sending > > all sorts of other exciting messages about lesbians, cookie recipes > > etc. etc. > >... > > Received: from [168.212.244.134] (helo=3Dmail.gxn.net) > > by brimstone.noc.gxn.net with smtp (Exim 3.02 #3) > > id 1291Gi-0004Sb-00 > > for [email protected]; Fri, 14 Jan 2000 07:35:36 +0000 > >... > > 2. Lesbians.exe > > >Mine were: > >Received: from [209.125.100.122] (HELO mail.greendragon.com) by watervalley.net >(Stalker SMTP Server 1.7) with SMTP id S.0003055677 for [email protected]; Thu, 16 Dec >1999 18:29:22 -0600 >From: Nora Lavelle <[email protected]> >To: [email protected] >Subject: Re: ARIN whois > >panther.exe > >Received: from [152.160.253.2] (HELO mail.greendragon.com) by watervalley.net >(Stalker SMTP Server 1.7) with SMTP id S.0003108551 for [email protected]; Mon, 20 Dec >1999 01:37:37 -0600 >From: Ivars Upatnieks <[email protected]> >To: [email protected] >Subject: Re: MCI/Worldcom fiber cut in NY? > >baby.exe > >Received: from [212.7.65.97] (HELO mail.greendragon.com) by watervalley.net >(Stalker SMTP Server 1.7) with SMTP id S.0003149731 for [email protected]; >Wed, 22 Dec 1999 07:04:26 -0600 >From: CORE <[email protected]> >To: [email protected] >Subject: Re: PAB after comments ? > >copier.exe > >[email protected] > Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32 >
|