nanog mailing list archives
[Fwd: FOUND VIRUS IN MAIL from <owner-nanog () merit edu>]
From: Larry Rosenman <ler () lerctr org>
Date: 17 Jun 2002 23:03:07 -0500
Fair Warning.... -----Forwarded Message----- From: vscan () lerctr org To: virusalert () lerctr org Subject: FOUND VIRUS IN MAIL from <owner-nanog () merit edu> Date: 17 Jun 2002 22:48:16 -0500 A virus was found in an email from: <owner-nanog () merit edu> The message was addressed to: -> <ler () lerami lerctr org> The message has been quarantined as: /var/virusmails/virus-20020617-224816-21028 Here is the output of the scanner: Scanning /var/amavis/amavis-milter-4Oa4l925/parts/* Scanning file /var/amavis/amavis-milter-4Oa4l925/parts/msg-21028-1.txt Scanning file /var/amavis/amavis-milter-4Oa4l925/parts/msg-21028-2.html Scanning file /var/amavis/amavis-milter-4Oa4l925/parts/msg-21028-3.exe /var/amavis/amavis-milter-4Oa4l925/parts/msg-21028-3.exe Found the DDoS-Slack trojan !!! Summary report on /var/amavis/amavis-milter-4Oa4l925/parts/* File(s) Total files: ........... 3 Clean: ................. 2 Possibly Infected: ..... 1 Here are the headers: ------------------------- BEGIN HEADERS ----------------------------- Received: by trapdoor.merit.edu (Postfix) id 0FA7F9124E; Mon, 17 Jun 2002 23:46:02 -0400 (EDT) Delivered-To: nanog-outgoing () trapdoor merit edu Received: by trapdoor.merit.edu (Postfix, from userid 56) id B621F9124F; Mon, 17 Jun 2002 23:46:01 -0400 (EDT) Delivered-To: nanog () trapdoor merit edu Received: from segue.merit.edu (segue.merit.edu [198.108.1.41]) by trapdoor.merit.edu (Postfix) with ESMTP id A61099124E for <nanog () trapdoor merit edu>; Mon, 17 Jun 2002 23:45:58 -0400 (EDT) Received: by segue.merit.edu (Postfix) id 8CCEA5DE57; Mon, 17 Jun 2002 23:45:58 -0400 (EDT) Delivered-To: nanog () merit edu Received: from web21109.mail.yahoo.com (web21109.mail.yahoo.com [216.136.227.111]) by segue.merit.edu (Postfix) with SMTP id D92105DE52 for <nanog () merit edu>; Mon, 17 Jun 2002 23:45:57 -0400 (EDT) Message-ID: <20020618034556.54382.qmail () web21109 mail yahoo com> Received: from [68.36.89.121] by web21109.mail.yahoo.com via HTTP; Mon, 17 Jun 2002 20:45:56 PDT Date: Mon, 17 Jun 2002 20:45:56 -0700 (PDT) From: jim bruer <jim_teh_man () yahoo com> Subject: ConfigMaker Beta To: nanog () merit edu MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="0-340633384-1024371956=:50295" Sender: owner-nanog () merit edu Precedence: bulk Errors-To: owner-nanog-outgoing () merit edu X-Loop: nanog -------------------------- END HEADERS ------------------------------ -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 972-414-9812 E-Mail: ler () lerctr org US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
Current thread:
- [Fwd: FOUND VIRUS IN MAIL from <owner-nanog () merit edu>] Larry Rosenman (Jun 17)
- Re: [Fwd: FOUND VIRUS IN MAIL from <owner-nanog () merit edu>] John Payne (Jun 17)
- Re: [Fwd: FOUND VIRUS IN MAIL from <owner-nanog () merit edu>] Larry Rosenman (Jun 17)
- Re: Fwd: FOUND VIRUS IN MAIL James Thomason (Jun 18)
- <Possible follow-ups>
- Re: [Fwd: FOUND VIRUS IN MAIL from <owner-nanog () merit edu>] Larry Rosenman (Jun 17)
- Re: [Fwd: FOUND VIRUS IN MAIL from <owner-nanog () merit edu>] John Payne (Jun 17)