Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SoBig and some info

From: "Chris Berry" <compjma () hotmail com>
Date: Thu, 21 Aug 2003 18:21:21 -0700
From: Kevin Saenz <ksaenz () spinaweb com au>
This current strain of SoBig, seems to be smarter than before.
it seems to be grabbing real email addresses in people's outlook
and using those as spoof accounts. The other thing I have found
is, if that is the case there are thousands of email servers
that are acting as open relays. Can any one correct me if I am
wrong, I am pretty sure this is open to some hot debate. As my question
will be if email servers are not relaying then how can a virus transmit
spoofed email addresses?


It has a built in smtp server.


I have seen emails bouncing back to me saying that an email from me is
possibly infected and contains an executable .pif the header of the
email from me is Outlook version 6.x. The problem with that is, emails
100% of the time from me are sent by Evolution, a Linux email client.
This has been since Wed Night Australian time or Tuesday morning U.S
time.


You're being joe-jobbed, it's probably not your fault.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Conciousness: that annoying time between naps."

_________________________________________________________________
Get MSN 8 and enjoy automatic e-mail virus protection. http://join.msn.com/?page=features/virus 


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: