nanog mailing list archives
RE: virus or hacked?
From: Chris Todd <ctodd () westernnews com>
Date: Wed, 20 Aug 2003 10:53:47 -0700
Ok, let me kill this now, To everyone that helped thank you very much.. to others I am sorry for posting off topic. I just now found out the server admin left the server outside the firewall with many open ports. again, thanks for all the help and sorry for the off topic spam. Chris Todd Computer Technician Western Newspapers, Inc. (928)775-2499 Resistance is Futile
---------- From: McBurnett, Jim Sent: Wednesday, August 20, 2003 11:48 AM To: Todd Mitchell - lists; Chris Todd Cc: nanog () nanog org Subject: RE: virus or hacked? ->| -----Original Message----- ->| From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf ->Of ->| Chris Todd ->| Sent: Wednesday, August 20, 2003 12:33 PM ->| To: 'nanog () merit edu' ->| Subject: virus or hacked? ->| ->| ->| Good morning: ->| I was wondering if anyone has seen this message on a win2k server ->before ->| and ->| might be able to help me ->| ->| Message from destroyer to you on 8/19/2003 11:24:53pm ->| Make this your last pop-up ever Destroy all these pop-up for a ->fraction of ->| the price of our competitors!!! ->| go to www. messagdestroyer.net ->| ->| This is all in a plain windows box(gray box with an ok button at the ->| bottom ->| and the X is the upper right corner) ->| -> ->This is a standard Windows messenger (not MSN messenger) spam. If you ->don't use the Windows messenger service, disable the "messenger" ->service. SPAM will stop. -> ->Todd If you have this showing up on a server that is behind a firewall, you may have a MUCH bigger problem. The access to the messenger service requires access to a specific port, and this problem normally only manifests itslef when the server/workstation is plugged directly into an internet pipe with a real world IP on one of it's network cards!!!!! If you are not behind a firewall/router of even the linksys family, shame on you. If you are behind a firewall... Oh boy, better look for some security problems!!!! later, J
Current thread:
- Re: virus or hacked?, (continued)
- Re: virus or hacked? Gregory Hicks (Aug 20)
- RE: virus or hacked? Claire Kelly (Aug 20)
- Re: virus or hacked? Mehmet Akcin (Aug 20)
- Re: virus or hacked? Valdis . Kletnieks (Aug 20)
- Re: virus or hacked? up (Aug 20)
- Re: virus or hacked? Richard Irving (Aug 20)
- Re: virus or hacked? John Kinsella (Aug 20)
- Re: virus or hacked? steve uurtamo (Aug 20)
- Weird network problems Geo. (Aug 20)
- RE: virus or hacked? McBurnett, Jim (Aug 20)
- RE: virus or hacked? Chris Todd (Aug 20)
- Re: virus or hacked? Paul A. Bradford (Aug 20)
- RE: virus or hacked? Claire Kelly (Aug 20)