North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: email virus ==> over the top

  • From: Joel Jaeggli
  • Date: Thu Aug 21 15:00:30 2003

On Thu, 21 Aug 2003, neal rauhauser wrote:

> 
> 
>   No one loves me and I don't get much email from the folks who tolerate
> me. I just got back from having lunch with some guys who tolerate me and
> I found scads of messages from all over -the funniest among the bunch
> for our Nanog readers:
> 
> <user>@cisco.com
> <user>@tacnet.com
> <user>@wcom.com
> <user>@sprint.com

it (sobig) forges the source email address using the same set of files
that it looks in to find email adresses to send to... So all you can
insure is that the user sending it to you is on some mailing list you're
on or your email address is in their browser cache someplace... you have 
to look at the source ip address for the first hop to identify the 
culprit...

joelja
 
> 
>   Looks like my internetwork equipment vendor and my two favorite peers
> have their Windoze stuff in a complete state of 'higgledy piggledy' - a
> technical term from Bloom County cartoons, for those not old enough to
> remember.
> 
> 
>   I hate to rub it in, but I've got fifty days of uptime on everything
> I'm responsible for and the only reason it isn't a hundred and fifty is
> due to me taking them down for an OS upgrade.
>   
> root         1  0.0  0.1   552    0  ??  ILs   3Jul03   0:01.56
> /sbin/init --
> 
> 
>   Windows is a question presented to each of us. Some find their answer
> here ==> http://freebsd.org
> 

-- 
-------------------------------------------------------------------------- 
Joel Jaeggli  	       Unix Consulting 	       [email protected]    
GPG Key Fingerprint:     5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2