Security Basics mailing list archives
RE: Returned Mails
From: "Jason Haith" <jhaith () genesissys com>
Date: Tue, 27 Apr 2004 07:22:55 -0500
There are a couple ways to check if it is you with the virus. 1. Download one of Symantecs Virus Removal Tools for the W32.Netsky.C@mm virus. They seem to work pretty good at catching a virus if you've been infected. 2. Or you can open a sniffer on your computer and watch and look for any emails/data mysteriously being sent from your computer. I've had more luck with this method. Sniphere is a simple and small download that will do this (www.securesphere.net). Jason Haith Systems Administrator Genesis Systems 5712 S. 77th St Omaha, NE 68127 Email: jhaith () genesissys com -----Original Message----- From: Guru4u Support [mailto:support () guru4u co uk] Sent: Monday, April 26, 2004 12:56 PM To: security-basics () securityfocus com Subject: Returned Mails Hi, This is probably a stupid question but I could do with some confirmation of what I think is happening. I've been receiving a lot of 'return' emails claiming they have been returned as I have a virus. Example below: A virus was found in a message sent by this account. --- Scan information follows --- Result: Virus Detected Virus Name: W32.Netsky.C@mm File Attachment: posting.txt.com Attachment Status: deleted --- Original message information follows --- From: *************@guru4u.co.uk To: ********.com Date: Fri, 23 Apr 2004 23:32:12 +0100 Subject: SPAM: the truth? Received: from netcel.com ([80.42.154.232]) by nospam.netcel.com (SAVSMTP 3.1.0.29) with SMTP id M2004042323185126674 for ********.com>; Fri, 23 Apr 2004 23:18:52 +0100 I have up to now guessed these were down to 'someone' else's pc infected with netsky or mydoom but after a lull I have been bombarded with loads of such mails over the course of the day. I would just like some reassurance that this is indeed due to other people infected boxes rather mine. I have of course run several full system scans with Norton av with the latest definitions etc and do use a firewall, Spybot etc. I've googled and this starts to confirm my suspicions but isn't authorative. Thanks in advance, Guru --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Returned Mails Guru4u Support (Apr 26)
- Re: Returned Mails Eric Paynter (Apr 27)
- Re: Returned Mails Paul Kurczaba (Apr 27)
- RE: Returned Mails Mike (Apr 27)
- Re: Returned Mails JEREMY Anderson (Apr 27)
- Re: Returned Mails Murad Talukdar (Apr 27)
- RE: Returned Mails Jason Haith (Apr 27)
- Re: Returned Mails Guru4u Support (Apr 27)
- Re: Returned Mails khayes (Apr 28)
- <Possible follow-ups>
- RE: Returned Mails Ricardo Saramago (Apr 27)