[Linux-aus] Virus wars hotting up a bit? (was: virus detected)

Leon Brooks leon at cyberknights.com.au
Thu Mar 25 13:33:02 UTC 2004

On Thu, 25 Mar 2004 12:55, MailScanner wrote:
> Our virus detector has just been triggered by a message you sent:-
>   To: headgardener at webmail1.newnet.co.uk
>   Subject: Important m$6h?3p
>   Date: Thu Mar 25 04:55:53 2004
> Any infected parts of the message (document07_soiltests.scr)
> have not been delivered.

I note that the infected attachment name was gardening-related, and so 
is the intended victim's email address. Presumably the name was 
borrowed from the attacker's hard disk?

The mail server ate the original headers (pity) so there's no way of 
identifying the attacking machine.

Mail bounced from LA's server (Digital) also contains insufficient 
information to identify the original sending machine. I wonder if this 
is worth fixing?

I note also that the initial sender at the webmail site was 
"root at localhost". Risky.

Cheers; Leon

http://cyberknights.com.au/     Modern tools; traditional dedication
http://plug.linux.org.au/       Vice President, Perth Linux User Group
http://slpwa.asn.au/            Committee Member, Linux Professionals WA
http://linux.org.au/            Past Committee Member, Linux Australia
http://osia.opensource.org.au/  Member, Open Source Industry Association

More information about the linux-aus mailing list