lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
From: pauls at (Schmehl, Paul L)
Subject: MS Security Bulletin doing email harvesting?

> -----Original Message-----
> From: Kyp Durron [] 
> Sent: Monday, August 04, 2003 1:17 PM
> To:
> Subject: [Full-Disclosure] MS Security Bulletin doing email 
> harvesting?
> I get this email today that says it's from 
>  It looks legit so I go 
> to forward it 
> to someone I know and Outlook 2003 pops an error message that 
> I attached.  I 
> look at the HTML and it's trying to pull the following URL.
> Do you all think it's a spammer trying to harvest emails by 
> impersonating a 
> MS security bulletin?  If it is, how funny is THAT?!?!?
It's so funny that I'm laughing my a$$ off.  You can't seriously mean
that you actually thought this was legitimate?  Is so, you probably
think the Good Times Virus is real and so is the Easter Bunny.

Here's a hint.

08/04/03 16:01:47 dns
Canonical name:

08/04/03 16:02:18 whois !

whois -h !net-209-11-136-0-1 ...

OrgName:    Digital Impact 
OrgID:      DIGITA-374
Address:    177 Bovet Road Suite 200
City:       San Mateo
StateProv:  CA
PostalCode: 94402
Country:    US

NetRange: - 
NetName:    DIGTIMPAC-209-11-136
NetHandle:  NET-209-11-136-0-1
Parent:     NET-209-11-0-0-2
NetType:    Reassigned
RegDate:    2002-07-12
Updated:    2002-12-05

Dig ...
Non-authoritative answer
Recursive queries supported by this server
 Query for type=255 class=1 MX (Mail Exchanger) Priority: 10 MX (Mail Exchanger) Priority: 10 MX (Mail Exchanger) Priority: 10 

[pauls@...49554 pauls]$ telnet 25
Connected to
Escape character is '^]'.
220 ESMTP Server
4 Aug 2003 14:10:31 -0700
250 Hello [
501 5.5.4 Invalid Address
221 2.0.0 Service closing 
transmission channel
Connection closed by foreign host.

Paul Schmehl (
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member 

Powered by blists - more mailing lists