[Linux-aus] Virus wars hotting up a bit? (was: virus detected)

[Leon Brooks <leon@cyberknights.com.au>]

On Thu, 25 Mar 2004 12:55, MailScanner wrote:
> Our virus detector has just been triggered by a message you sent:-
>   To: headgardener@webmail1.newnet.co.uk
>   Subject: Important m$6h?3p
>   Date: Thu Mar 25 04:55:53 2004
> Any infected parts of the message (document07_soiltests.scr)
> have not been delivered.

I note that the infected attachment name was gardening-related, and so 
is the intended victim's email address. Presumably the name was 
borrowed from the attacker's hard disk?

The mail server ate the original headers (pity) so there's no way of 
identifying the attacking machine.

Mail bounced from LA's server (Digital) also contains insufficient 
information to identify the original sending machine. I wonder if this 
is worth fixing?

I note also that the initial sender at the webmail site was 
"root@localhost". Risky.

Cheers; Leon

-- 
http://cyberknights.com.au/     Modern tools; traditional dedication
http://plug.linux.org.au/       Vice President, Perth Linux User Group
http://slpwa.asn.au/            Committee Member, Linux Professionals WA
http://linux.org.au/            Past Committee Member, Linux Australia
http://osia.opensource.org.au/  Member, Open Source Industry Association