| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040325133640.CGNS396979.fep03-mail.bloor.is.net.cable.rogers.com@BillDell>
From: full-disclosure at royds.net (Bill Royds)
Subject: meay-meay! (virus sent via full-discosure list)
This virus sent to the list shows the problem of complete lack of
moderation. What would be best is a filter that does a virus scan and WARNS
about possible virus, but does not block anything. You would still be
responsible for personal digital hygiene, but would have a flag to filter
on.
Here are the headers of this message with McAfee message and a whois on the
originating MTA IP.
Return-Path: <full-disclosure-admin@...ts.netsys.com>
Received: from netsys.com (NETSYS.COM [199.201.233.10])
by mail.zoneedit.com (Postfix) with ESMTP id 285443FA0D
for <full-disclosure@...ds.net>; Wed, 24 Mar 2004 17:17:19 -0500
(EST)
Received: from NETSYS.COM (localhost [127.0.0.1])
by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id
i2OM4lJ28528;
Wed, 24 Mar 2004 17:04:47 -0500 (EST)
Received: from kermit ([62.38.237.28])
by netsys.com (8.11.6p2-2003-09-16/8.11.6) with SMTP id i2OLRWX15727
for <full-disclosure@...ts.netsys.com>; Wed, 24 Mar 2004 16:27:34
-0500 (EST)
To: full-disclosure@...ts.netsys.com
From: macubergeek@...cast.net
Message-ID: <qcwokkovsbsisnacbtp@...cast.net>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="--------sbeuunoxpacatulivtum"
Subject: [Full-Disclosure] meay-meay!
Sender: full-disclosure-admin@...ts.netsys.com
Errors-To: full-disclosure-admin@...ts.netsys.com
X-BeenThere: full-disclosure@...ts.netsys.com
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe:
<http://lists.netsys.com/mailman/listinfo/full-disclosure>,
<mailto:full-disclosure-request@...ts.netsys.com?subject=unsubscribe>
List-Id: Discussion of security issues <full-disclosure.lists.netsys.com>
List-Post: <mailto:full-disclosure@...ts.netsys.com>
List-Help: <mailto:full-disclosure-request@...ts.netsys.com?subject=help>
List-Subscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>,
<mailto:full-disclosure-request@...ts.netsys.com?subject=subscribe>
List-Archive: <http://lists.netsys.com/pipermail/full-disclosure/>
Date: Wed, 24 Mar 2004 23:27:25 +0200
****************** McAfee VirusScan ************************
******* Alert generated at: Wed, 24 Mar 2004 18:29:19 -0500 *********
*********************************************************************
McAfee VirusScan has detected a potential threat in this e-mail
sent by macubergeek@...cast.net.
The following actions were attempted on each suspicious part.
We strongly recommend that you report this virus-related activity
to macubergeek@...cast.net.
The attachment "TextFile.zip" is infected with the W32/Bagle.gen!pwdzip
Virus(es).
This attachment has been cleaned.
===================whois for sending MUA ==========
03/25/04 08:29:36 whois 62.38.237.28@...is.ripe.net
whois -h whois.ripe.net 62.38.237.28 ...
% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html
inetnum: 62.38.0.0 - 62.38.255.255
netname: GR-HOL-20010530
descr: Hellas On Line S.A.
descr: PROVIDER
country: GR
admin-c: HA194-RIPE
tech-c: CO95-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: AS3329-MNT
changed: hostmaster@...e.net 20010530
changed: hostmaster@...e.net 20031210 # gr.hol.aval via
https://lirportal.ripe.net
source: RIPE
route: 62.38.0.0/16
descr: HOL
origin: AS3329
mnt-lower: AS3329-MNT
mnt-routes: AS3329-MNT
mnt-by: AS3329-MNT
changed: tkor@....gr 20010530
source: RIPE
role: HOL Administration
address: Hellas On Line S.A.
address: Harilaou Trikoupi 151
address: N. Kiffisia, Greece 14564
e-mail: admin@....gr
trouble: Questions....... mail to: noc@....gr
trouble: Spam Reports.... mail to: postmaster@....gr
trouble: Abuse Reports... mail to: abuse@....gr
admin-c: KK5841-RIPE
tech-c: AV845-RIPE
tech-c: TK583-RIPE
tech-c: CO95-RIPE
nic-hdl: HA194-RIPE
mnt-by: AS3329-MNT
changed: vicky@....gr 19970821
changed: vicky@....gr 19970826
changed: noc@....gr 19981217
changed: aval@....gr 20000110
changed: aval@....gr 20010314
changed: aval@....gr 20020121
changed: aval@....gr 20030624
source: RIPE
role: HOL Network Operations Center
address: Hellas On Line S.A.
address: Harilaou Trikoupi 151
address: N. Kiffisia, Greece 14564
e-mail: noc@....gr
trouble: Questions....... mail to: noc@....gr
trouble: Spam Reports.... mail to: postmaster@....gr
trouble: Abuse Reports... mail to: abuse@....gr
admin-c: KK5841-RIPE
tech-c: AV845-RIPE
tech-c: TK583-RIPE
nic-hdl: CO95-RIPE
mnt-by: AS3329-MNT
changed: vicky@....gr 19970821
changed: noc@....gr 19981217
changed: aval@....gr 20000110
changed: aval@....gr 20010314
changed: aval@....gr 20010320
changed: aval@....gr 20010607
changed: aval@....gr 20020121
changed: tkor@....net 20030909
source: RIPE
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
macubergeek@...cast.net
Sent: March 24, 2004 4:27 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] meay-meay!
The access is open !!!
password for archive: 01825
Powered by blists - more mailing lists