<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [ga] Reliability of the Internet - the silent battle - part 2
Ok, Roeland-
Perhaps I over-reacted... But I just spent several days (and nights)
"cleaning" my windows NT based servers. No problems with my unix
servers, of course ;-)
Regards
Peter de Blanc
-----Original Message-----
From: Roeland Meyer [mailto:rmeyer@mhsc.com]
Sent: Wednesday, November 07, 2001 7:05 AM
To: 'Peter de Blanc'; Roeland Meyer; 'GA DNSO (E-mail)'
Subject: RE: [ga] Reliability of the Internet - the silent battle - part
2
I am sorry if it caused you concern. The DAT file, while not normally
executable, shouldn't have been there. I thought my methods had removed
it. My filters had already renamed it to the DAT type, which is a
non-executable type under windows, and I manually deleted the attachment
from the message. Apparently, that was unsuccessful. If Norton detected
it then either NAV is using external message data or I indeed failed to
remove the attachment.
In the latter case, I apologize. I went back to my Sent Files folder to
check and it appears to not have the attachment, under binary scan of
the message, even though the message header thinks it still has the
file. But, playing around with virii isn't safe by any stretch and
that's the main reason I don't do it. Because it was a DAT file, it
should still be dead. But, I won't repeat that move anytime soon. Again,
I apologize for the inconvenience.
Now, if I can get that system in China to quit sending me free copies of
SirCam ....
|> -----Original Message-----
|> From: Peter de Blanc [mailto:pdeblanc@usvi.net]
|> Sent: Wednesday, November 07, 2001 2:20 AM
|> To: 'Roeland Meyer'; 'GA DNSO (E-mail)'
|> Subject: RE: [ga] Reliability of the Internet - the silent
|> battle - part
|> 2
|>
|>
|> Roeland:
|>
|> The file you attached, ATT00010.DAT, 262 K bytes, was identified as
|> "32.Sircam.Worm@mm" and "quarantined" by my Norton Anti-Virus
|> corporate edition version 7.51.847.
|>
|> Peter de Blanc
|>
|> -----Original Message-----
|> From: owner-ga@dnso.org [mailto:owner-ga@dnso.org] On Behalf
|> Of Roeland
|> Meyer
|> Sent: Tuesday, November 06, 2001 10:27 PM
|> To: GA DNSO (E-mail)
|> Subject: RE: [ga] Reliability of the Internet - the silent
|> battle - part
|> 2
|>
|>
|> Hold on guys! The shell was there but the virus wasn't. It
|> was a message
|> that showed an attachment, without the attachment.
|>
|> |> -----Original Message-----
|> |> From: Roeland Meyer [mailto:rmeyer@mhsc.com]
|> |> Sent: Tuesday, November 06, 2001 1:32 PM
|> |> To: GA DNSO (E-mail)
|> |> Subject: [ga] Reliability of the Internet - the silent battle -
|> |> part 2
|> |>
|> |>
|> |> This is an example of something that didn't survive my filters. I
|> |> looked at the attachement, it wasn't spam. Rather, it was an
|> |> attached virus.
|> |>
|> |> I have included the traceroute for validation. It purportedly came
|> |> from china. The point is that, file attachments are becoming a
|> |> less reliable
|> |> means to distribute documents.
|> |>
|> |> --- techies-only below here ---
|> |>
|> |> pheonix:/root
|> |> Tue Nov 6 13:07:51 [bash:root:59]#> traceroute 211.101.48.83
|> |> traceroute to 211.101.48.83 (211.101.48.83), 30 hops max, 40 byte
|> |> packets 1 spkez.gw.mhsc.net (216.27.184.225) 5 ms 3 ms 2 ms
|> |> 2 gw-081-176.sfo1.dsl.speakeasy.net (216.27.176.1) 27 ms
|> |> 21 ms 33 ms
|> |> 3 border3.fe5-3.speakeasy-9.sff.pnap.net (216.52.86.28)
|> |> 19 ms 21 ms 19
|> |> ms
|> |> 4 core1.fe0-1-bbnet2.sff.pnap.net (216.52.80.65) 20 ms
|> |> 21 ms 20 ms
|> |> 5 sl-gw12-sj-1-1.sprintlink.net (144.232.217.17) 22 ms
|> |> 20 ms 21 ms
|> |> 6 sl-gw12-sj-9-0.sprintlink.net (144.232.3.145) 25 ms 22
|> |> ms 32 ms
|> |> 7 sl-bb20-tac-11-1.sprintlink.net (144.232.9.214) 56 ms
|> |> 39 ms 41 ms
|> |> 8 sl-gw4-tac-0-0.sprintlink.net (144.232.17.6) 38 ms
|> 41 ms 40 ms
|> |> 9 * sle-chinatelecom-3-0.sprintlink.net (160.81.25.6) 443 ms *
|> |> 10 p-13-0-r1-c-bjbj-1.cn.net (202.97.33.9) 502 ms 303
|> ms 200 ms
|> |> 11 p-2-0-r1-a-bjbj-2.cn.net (202.97.38.50) 188 ms 201
|> ms 219 ms
|> |> 12 202.96.12.50 (202.96.12.50) 287 ms 324 ms 271 ms 13
|> |> 202.106.193.206 (202.106.193.206) 199 ms 195 ms 196 ms 14
|> |> 202.108.254.75 (202.108.254.75) 199 ms 197 ms 196 ms 15
|> |> 211.101.63.2 (211.101.63.2) 500 ms 505 ms 514 ms 16
|> |> 211.101.63.9 (211.101.63.9) 229 ms 230 ms 231 ms 17
|> |> 211.101.48.83 (211.101.48.83) 530 ms 553 ms 565 ms
|> |>
|> |> |> -----Original Message-----
|> |> Received: from junhoo.com (211.101.48.83 [211.101.48.83]) by
|> |> condor.mhsc.com with SMTP (Microsoft Exchange Internet Mail
|> |> Service Version
|> |> 5.5.2650.21)
|> |> id TTWMVQKL; Tue, 6 Nov 2001 13:04:47 -0800
|> |> Received: from CR380220-A.etob1.on.wave.home.com [24.101.18.46] by
|> |> junhoo.com
|> |> (SMTPD32-7.04 EVAL) id AF54350042; Wed, 07 Nov 2001
|> 05:00:04 +0800
|> |> From: "0"<0
|> |> To: rmeyer@mhsc.com
|> |> Subject: Flight crews rely on passengers to stop trouble
|> |> date: Tue, 6 Nov 2001 16:12:47 -0500
|> |> MIME-Version: 1.0
|> |> X MIME OLE: Produced By Microsoft MimeOLE V5.50.4133.2400
|> |> X-Mailer: Microsoft Outlook Express 5.50.4133.2400
|> |> Co ntent Type: multi part/m ixed; boun
|> |> dary="----41C1485D_Outlook_Express_message_boundary"
|> |> Con tent Disposition: Multipart message
|> |> Message-Id:
|> |> <200111070500554.SM00932@CR380220-A.etob1.on.wave.home.com>
|> |>
|> |> ------41C1485D_Outlook_Express_message_boundary
|> |> Content Type: text/plain; charset=ISO-8859-1
|> |> Content Transfer-Encoding: quoted-printable
|> |> Content Disposition: message text
|> |>
|> |> ------41C1485D_Outlook_Express_message_boundary
|> |> Content Type: application/mixed; na me="Flight crews rely on
|> |> passengers to stop trouble.doc.com"
|> |> Content Transfer-Encoding: base64
|> |> Content Disposition: attachment; file name="Flight crews
|> |> rely on passengers
|> |> to stop trouble.doc.com"
|> |>
|> |> ------41C1485D_Outlook_Express_message_boundary
|> |> |> From: 0 [mailto:0]
|> |> |> Sent: Tuesday, November 06, 2001 1:13 PM
|> |> |> To: rmeyer@mhsc.com
|> |> |> Subject: Flight crews rely on passengers to stop trouble
|> |> |>
|> |> |>
|> |> |> Hi! How are you?
|> |> |>
|> |> |> This is the file with the information that you ask for
|> |> |>
|> |> |> See you later. Thanks
|> |> |>
|> |>
|> |>
|> --
|> This message was passed to you via the ga@dnso.org list. Send mail to
|> majordomo@dnso.org to unsubscribe ("unsubscribe ga" in the body of
|> the message). Archives at http://www.dnso.org/archives.html
|>
|> --
|> This message was passed to you via the ga@dnso.org list. Send mail to
|> majordomo@dnso.org to unsubscribe ("unsubscribe ga" in the body of
|> the message). Archives at http://www.dnso.org/archives.html
|>
--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|