Full Disclosure mailing list archives
Re: kaspersky-labs webserver or listserver compromised?
From: Ka <ka () khidr net>
Date: Fri, 8 Nov 2002 11:45:21 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At Freitag, 8. November 2002 08:56 Andreas Tirok wrote:
Ka <ka () khidr net> wrote:Here are the headers: - ------------------------- BEGIN HEADERS ----------------------------- Received: from webserver2.kaspersky-labs.com (unknown [195.161.113.178]) by mail.vegaa.de (Postfix) with ESMTP id A9F37174019 for <zim () vegaa de>; Thu, 7 Nov 2002 22:51:28 +0100 (CET) Received: by webserver2.kaspersky-labs.com (Postfix) id 33AB920047; Fri, 8 Nov 2002 00:22:31 +0300 (MSK) Delivered-To: list-15 () webserver2 kaspersky-labs com Received: from webserver2.kaspersky-labs.com (unknown [148.235.6.199])... [Andreas Tirok] Isn't webserver2.kaspersky-labs.com
Hmmm. You certainly know how to call dig. But with which IP? ;; QUESTION SECTION: ;webserver2.kaspersky-labs.com. IN ANY ;; ANSWER SECTION: webserver2.kaspersky-labs.com. 21600 IN A 195.161.113.178 ;; AUTHORITY SECTION: kaspersky-labs.com. 21600 IN NS ns1.kaspersky-labs.com. kaspersky-labs.com. 21600 IN NS ns.glasnet.ru. kaspersky-labs.com. 21600 IN NS ns.macomnet.ru. Fact is: kaspersky-labs.com is: a) sending viruses, which her own product could detect. b) sending that with a return-adress which is an open list-entry to one of their (supposedly closed) news-lists. - From your email: Received: ... Fri, 8 Nov 2002 08:56:03 +0100 From: Andreas Tirok <Andreas.Tirok () beusen de> Too early - even before 9:00 am, that's in the middle of the night. Let me guess - coffee machine down at beusen.de? Ka - -- old vulnerability: And whoever exalts himself ... in the wild: @ kaspersky-labs.com vulnerable: human brain all versions credit: Matthew 23, 12 http://www.khidr.net/users/ka/pgpkey.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9y5XB72vu22ltWBERAtiaAJ9/DN9KRsICQlDQGT3pPSnOfMyoQQCfQ9Wi ufOgh+dk+muHUauvhi4uD2o= =O5Ia -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- kaspersky-labs webserver or listserver compromised? Ka (Nov 07)
- Re: kaspersky-labs webserver or listserver compromised? Andreas Tirok (Nov 08)
- Re: kaspersky-labs webserver or listserver com Nick FitzGerald (Nov 08)
- Re: kaspersky-labs webserver or listserver com Ka (Nov 08)
- Re: kaspersky-labs webserver or listserver compromised? Ka (Nov 08)
- Re: kaspersky-labs webserver or listserver com Nick FitzGerald (Nov 08)
- Re: kaspersky-labs webserver or listserver compromised? Brian McWilliams (Nov 08)
- Re: kaspersky-labs webserver or listserver compromised? Ka (Nov 08)
- Kaspersky blames "massive attack" Brian McWilliams (Nov 08)
- Re: kaspersky-labs webserver or listserver compromised? Ka (Nov 08)
- Re: kaspersky-labs webserver or listserver compromised? Andreas Tirok (Nov 08)