Hey, I got my first whindoze email virus!
Torgo Jr
agarris@voyager.net
Tue, 15 Aug 2000 19:04:25 -0400
Ben Pfaff wrote:
>
> Torgo Jr <agarris@voyager.net> writes:
>
> > Got the "resume.txt.vbs" in my Netscape for Linux email
> > program (gawd I need to switch to mutt though...). After
> > an initial chuckle, I decided to look at the headers, and
> > I am a little confused. Does what appears below mean that
> > the message originated within aol.com?
>
> It looks forged to me:
That is what I thought, but then again, I'm no network
guy.
> 1. linux-1.osvnidau is not a valid hostname and
> 195.141.11.11 does not resolve in the DNS.
Obviously not a valid hostname...
> 2. 161.58.1.88 does not resolve in the DNS and it
> certainly is not an AOL mail exchanger (i.e., `telnet
> 161.58.1.88 smtp' produces `connection refused', and
> AOL is in a different IP net-block).
So someone cracked aol to send this? Or is the header
forged up until it hits Voyager.net?
--
Alan Garrison ___ agarris@voyager.net
"MD5: An encryption method used on the Internet."
- Microsoft IIS 4.0 Glossary