RE: [Full-Disclosure] meay-meay! (virus sent via full-discosure list)
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] meay-meay! (virus sent via full-discosure list)
- From: "Bill Royds" <full-disclosure@xxxxxxxxx>
- Date: Thu, 25 Mar 2004 08:36:59 -0500
This virus sent to the list shows the problem of a complete lack of
moderation. What would be best is a filter that does a virus scan and WARNS
about a possible virus, but does not block anything. You would still be
responsible for personal digital hygiene, but would have a flag to filter
on.
Here are the headers of this message with the McAfee message and a whois on the
originating MTA IP.
Return-Path: <full-disclosure-admin@xxxxxxxxxxxxxxxx>
Received: from netsys.com (NETSYS.COM [199.201.233.10])
    by mail.zoneedit.com (Postfix) with ESMTP id 285443FA0D
    for <full-disclosure@xxxxxxxxx>; Wed, 24 Mar 2004 17:17:19 -0500 (EST)
Received: from NETSYS.COM (localhost [127.0.0.1])
    by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id i2OM4lJ28528;
    Wed, 24 Mar 2004 17:04:47 -0500 (EST)
Received: from kermit ([62.38.237.28])
    by netsys.com (8.11.6p2-2003-09-16/8.11.6) with SMTP id i2OLRWX15727
    for <full-disclosure@xxxxxxxxxxxxxxxx>; Wed, 24 Mar 2004 16:27:34 -0500 (EST)
To: full-disclosure@xxxxxxxxxxxxxxxx
From: macubergeek@xxxxxxxxxxx
Message-ID: <qcwokkovsbsisnacbtp@xxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="--------sbeuunoxpacatulivtum"
Subject: [Full-Disclosure] meay-meay!
Sender: full-disclosure-admin@xxxxxxxxxxxxxxxx
Errors-To: full-disclosure-admin@xxxxxxxxxxxxxxxx
X-BeenThere: full-disclosure@xxxxxxxxxxxxxxxx
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>,
    <mailto:full-disclosure-request@xxxxxxxxxxxxxxxx?subject=unsubscribe>
List-Id: Discussion of security issues <full-disclosure.lists.netsys.com>
List-Post: <mailto:full-disclosure@xxxxxxxxxxxxxxxx>
List-Help: <mailto:full-disclosure-request@xxxxxxxxxxxxxxxx?subject=help>
List-Subscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>,
    <mailto:full-disclosure-request@xxxxxxxxxxxxxxxx?subject=subscribe>
List-Archive: <http://lists.netsys.com/pipermail/full-disclosure/>
Date: Wed, 24 Mar 2004 23:27:25 +0200
****************** McAfee VirusScan ************************
******* Alert generated at: Wed, 24 Mar 2004 18:29:19 -0500 *********
*********************************************************************
McAfee VirusScan has detected a potential threat in this e-mail
sent by macubergeek@xxxxxxxxxxxx
The following actions were attempted on each suspicious part.
We strongly recommend that you report this virus-related activity
to macubergeek@xxxxxxxxxxxx
The attachment "TextFile.zip" is infected with the W32/Bagle.gen!pwdzip
Virus(es).
This attachment has been cleaned.
===================whois for sending MUA ==========
03/25/04 08:29:36 whois 62.38.237.28@xxxxxxxxxxxxxx
whois -h whois.ripe.net 62.38.237.28 ...
% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html
inetnum: 62.38.0.0 - 62.38.255.255
netname: GR-HOL-20010530
descr: Hellas On Line S.A.
descr: PROVIDER
country: GR
admin-c: HA194-RIPE
tech-c: CO95-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: AS3329-MNT
changed: hostmaster@xxxxxxxx 20010530
changed: hostmaster@xxxxxxxx 20031210 # gr.hol.aval via
https://lirportal.ripe.net
source: RIPE
route: 62.38.0.0/16
descr: HOL
origin: AS3329
mnt-lower: AS3329-MNT
mnt-routes: AS3329-MNT
mnt-by: AS3329-MNT
changed: tkor@xxxxxx 20010530
source: RIPE
role: HOL Administration
address: Hellas On Line S.A.
address: Harilaou Trikoupi 151
address: N. Kiffisia, Greece 14564
e-mail: admin@xxxxxx
trouble: Questions....... mail to: noc@xxxxxx
trouble: Spam Reports.... mail to: postmaster@xxxxxx
trouble: Abuse Reports... mail to: abuse@xxxxxx
admin-c: KK5841-RIPE
tech-c: AV845-RIPE
tech-c: TK583-RIPE
tech-c: CO95-RIPE
nic-hdl: HA194-RIPE
mnt-by: AS3329-MNT
changed: vicky@xxxxxx 19970821
changed: vicky@xxxxxx 19970826
changed: noc@xxxxxx 19981217
changed: aval@xxxxxx 20000110
changed: aval@xxxxxx 20010314
changed: aval@xxxxxx 20020121
changed: aval@xxxxxx 20030624
source: RIPE
role: HOL Network Operations Center
address: Hellas On Line S.A.
address: Harilaou Trikoupi 151
address: N. Kiffisia, Greece 14564
e-mail: noc@xxxxxx
trouble: Questions....... mail to: noc@xxxxxx
trouble: Spam Reports.... mail to: postmaster@xxxxxx
trouble: Abuse Reports... mail to: abuse@xxxxxx
admin-c: KK5841-RIPE
tech-c: AV845-RIPE
tech-c: TK583-RIPE
nic-hdl: CO95-RIPE
mnt-by: AS3329-MNT
changed: vicky@xxxxxx 19970821
changed: noc@xxxxxx 19981217
changed: aval@xxxxxx 20000110
changed: aval@xxxxxx 20010314
changed: aval@xxxxxx 20010320
changed: aval@xxxxxx 20010607
changed: aval@xxxxxx 20020121
changed: tkor@xxxxxxx 20030909
source: RIPE
-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of
macubergeek@xxxxxxxxxxx
Sent: March 24, 2004 4:27 PM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] meay-meay!
The access is open !!!
password for archive: 01825
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
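
The warn-but-do-not-block filter proposed in the message above, sketched as an added example that is not part of the original post or of the list's software. The header name `X-List-Scan-Warning`, the `standin_scan` callback (a placeholder for a real scanner call) and the sample message are assumptions; `netsys.com` is the list host named in the quoted Received headers.

```python
import re
from email import message_from_string, policy

FLAG = "X-List-Scan-Warning"   # hypothetical header name subscribers can filter on
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def origin_ip(msg, trusted_by):
    """IP our own server logged in its oldest Received header (loopback skipped).
    Hops written by other hosts are sender-controlled, so they are ignored."""
    for hop in reversed(msg.get_all("Received", [])):
        text = str(hop)
        if f"by {trusted_by}" not in text.lower():
            continue
        for ip in IP_RE.findall(text):
            if not ip.startswith("127."):
                return ip
    return None

def standin_scan(part):
    """Stand-in for a real scanner call: flags archive attachments by name only."""
    name = (part.get_filename() or "").lower()
    return "archive attachment, not scanned" if name.endswith(".zip") else None

def tag_message(raw, scan=standin_scan, trusted_by="netsys.com"):
    """Add a warning header if anything is flagged; never drop or strip a part."""
    msg = message_from_string(raw, policy=policy.default)
    findings = [f"{p.get_filename()}: {r}" for p in msg.walk() if (r := scan(p))]
    if findings:
        msg[FLAG] = f"{'; '.join(findings)} (relay {origin_ip(msg, trusted_by)})"
    return msg

# Constructed sample: Received hops shaped like the ones quoted above, placeholder
# addresses, and a 4-byte stub in place of the real attachment.
SAMPLE = """\
Received: from NETSYS.COM (localhost [127.0.0.1])
 by netsys.com with ESMTP id i2OM4lJ28528; Wed, 24 Mar 2004 17:04:47 -0500 (EST)
Received: from kermit ([62.38.237.28])
 by netsys.com with SMTP id i2OLRWX15727; Wed, 24 Mar 2004 16:27:34 -0500 (EST)
From: sender@example.org
To: list@example.org
Subject: meay-meay!
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

The access is open !!!
--b1
Content-Type: application/zip; name="TextFile.zip"
Content-Disposition: attachment; filename="TextFile.zip"
Content-Transfer-Encoding: base64

UEsDBA==
--b1--
"""

if __name__ == "__main__":
    print(tag_message(SAMPLE)[FLAG])
```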