Hey, I got my first whindoze email virus!

Torgo Jr agarris@voyager.net
Tue, 15 Aug 2000 19:04:25 -0400

Previous message: Hey, I got my first whindoze email virus!
Next message: Hey, I got my first whindoze email virus!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ben Pfaff wrote:
> 
> Torgo Jr <agarris@voyager.net> writes:
> 
> > Got the "resume.txt.vbs" in my Netscape for Linux email
> > program (gawd I need to switch to mutt though...).  After
> > an initial chuckle, I decided to look at the headers, and
> > I am a little confused.  Does what appears below mean that
> > the message originated within aol.com?
> 
> It looks forged to me:

That is what I thought, but then again, I'm no network 
guy.
 
>         1. linux-1.osvnidau is not a valid hostname and
>            195.141.11.11 does not resolve in the DNS.

Obviously not a valid hostname...
 
>         2. 161.58.1.88 does not resolve in the DNS and it
>            certainly is not an AOL mail exchanger (i.e., `telnet
>            161.58.1.88 smtp' produces `connection refused', and
>            AOL is in a different IP net-block).
 
So someone cracked aol to send this?  Or is the header 
forged up until it hits Voyager.net?

-- 
Alan Garrison  ___ agarris@voyager.net
"MD5:  An encryption method used on the Internet."
- Microsoft IIS 4.0 Glossary

Previous message: Hey, I got my first whindoze email virus!
Next message: Hey, I got my first whindoze email virus!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]