Re: Fw: Lesbian Mpeg

[Jason Haar <Jason.Haar () trimble co nz>]

On Wed, Apr 14, 2004 at 01:12:38PM -0500, Mark.Schutzmann () Omron com wrote:
> It looks something like Netsky.x or w32.blackmal () mm html  I would suspect
> (without being able to view the original MTA headers) that they are spoofed
> from someone else? Or maybe Jason's machine was trojaned and sent his
> mailing list out or is using his mailing list in its SMTP engine? I don't
> think an AV scanner would detect these messages, as they are all text (or
> did my AV scanner strip something out?).

It's not from me. Don't forget: it's almost 100% guaranteed these days that
when you receive a virus, the one address you know it *didn't* come from is
the one shown in the From: line.

Forged, forged, forged

I'd like to see how a Linux mutt user like myself got infected with a
WINDOWS virus...

If you think you've got it bad. I've just come back from vacation to find
a 1,000 AV alerts in my Inbox from all around the world... I have more AV
alerts than SPAM... (life is tough)


-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users