nanog mailing list archives
RE: OK, who's the idiot using tcwireless.us?
From: Skywing <Skywing () valhallalegends com>
Date: Tue, 7 Oct 2008 20:28:58 -0500
The person responsible already posted about this about 4 hours ago, BTW; further speculation is obsolete. :) - S -----Original Message----- From: Owen DeLong [mailto:owen () delong com] Sent: Tuesday, October 07, 2008 9:11 PM To: Christopher LILJENSTOLPE Cc: nanog () nanog org Subject: Re: OK, who's the idiot using tcwireless.us? Active address validation, perhaps? Owen On Oct 7, 2008, at 3:05 PM, Christopher LILJENSTOLPE wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, I agree with Howard here, I don't think this is a mis- configuration, but a harvest attempt. The "mailserver" is in different messages, and I can't see how that could get misconfigured in a honest validation server. My guess is that someone is trolling the archives, and sending this back? Why, I have no idea, given they already can see the sending address. Chris On 07 Oct 2008, at 13.14, Valdis.Kletnieks () vt edu wrote:Somebody on the NANOG mailing list has their mail pointing to tcwireless.us, which is throwing challenge/response mail like the following: Your message From: Valdis.Kletnieks () vt edu To: n3td3v <xploitable () gmail com> Subject: Re: Fwd: cnn.com - Homeland Security seeks cyber counterattack system ( Einstein 3.0) Date: 10/6/2008 has been just received by gmail.com mailserver. To prove that your message was sent by a human and not a computer, please visit the URL below and type in the alphanumeric text you will see in the image. You will be asked to do this only once for this recipient. http://mail.tcwireless.us/challenge/?folder=2008100614384085099427 Your message will be automatically deleted in a few days if you do not confirm this request. ===================================================== DO NOT REPLY TO THIS MESSAGE. NO ONE WILL RECEIVE IT. ===================================================== Note it says 'gmail.com mailserver'. Paul Ferguson reported to me that the one he saw said 'received by vt.edu mailserver'. Also note that the From/To has lost nanog () nanog org - for both my note and Paul's (in fact, looking at Paul's actual posting and mine show nanog () nanog org as being the only common link, thus the "must be a nanog subscriber" conclusion). Please, if you're going to use a C/R, at least learn how to whitelist the mailing lists you're on. And if you can't figure out how to do that, please do us all a favor and not try to run an operational network...- --- 李柯睿 Check my PGP key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xCB67593B -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJI690kAAoJEGmx2Mt/+Iw/awkH/j/goIY2MuQYfMkGVCmBVlMx vrFACJFUdM3kFSw1KuB5l0s7U62JIuxoCMkIFuEU1xtXQzNMbmYytlkIq/oNY31q VEaEcG6khM7oxDrbbc4TgFVHm195o1mKYhK8TMPr5WBq9RIgY+n2iWFYfi/kIR0x R5VgKG2LUFOJr2i/400X8UGbq5DJAbStJf7FrqIWAQCsgtEVPSSp/cMrjujG4iPD 1mH4x76q3RrrMfUpcELs/LAE55eBPMFXAUx4lk13QKVhp7xkK5lkQWlUvEOUQKmQ zDCsj0Lu2sOPldZFszcKUQNuHQE3Bp8j3MNJ1vMBqSH2m+Gdh+Wwu3TRq8F1QaM= =flGu -----END PGP SIGNATURE-----
Current thread:
- OK, who's the idiot using tcwireless.us? Valdis . Kletnieks (Oct 07)
- Re: OK, who's the idiot using tcwireless.us? Chaim Rieger (Oct 07)
- Re: OK, who's the idiot using tcwireless.us? Christopher LILJENSTOLPE (Oct 07)
- Re: OK, who's the idiot using tcwireless.us? Owen DeLong (Oct 07)
- RE: OK, who's the idiot using tcwireless.us? Skywing (Oct 07)
- Re: OK, who's the idiot using tcwireless.us? Valdis . Kletnieks (Oct 08)
- Re: OK, who's the idiot using tcwireless.us? Owen DeLong (Oct 07)