Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[Fwd: Legal Notification]

From: editor () infoguerra com br (Giordani Rodrigues)
Date: Tue, 3 Sep 2002 11:01:38 -0300
I processed the message header with SpamCop and found the following:


[snip]
Received:  from unknown (HELO isc2.org) (204.87.205.244) by
node-152.hosting-network.com with SMTP; 3 Sep 2002 11:21:32 -0000

[snip]
host isc2.org (checking ip) ip = 209.164.6.194
204.87.205.244 is not an MX for isc2.org
ips don't match; isc2.org discarded as fake
Taking name from IP...
host 204.87.205.244 (getting name) 204.87.205.244 =
cacheflowmty.intervan.net.
host cacheflowmty.intervan.net. (checking ip) ip not found ;
cacheflowmty.intervan.net. discarded as fake.
no MXs for cacheflowmty.intervan.net.
204.87.205.246 is an MX for intervan.net.
204.87.205.244 is not an MX for cacheflowmty.intervan.net.
ips are close enough
Received line accepted


As shown above, the message is not really from ISC2.org

Regards,

----------------------------------------------------------------------------
-
Giordani Rodrigues
URL: http://www.infoguerra.com.br
E-mail: editor () infoguerra com br
Phone/fax: +55 (41) 423-6291



----- Original Message -----
From: "Dave Aitel" <dave () immunitysec com>
To: <full-disclosure () lists netsys com>
Sent: Tuesday, September 03, 2002 9:10 AM
Subject: [Full-disclosure] [Fwd: Legal Notification]



I figured I'd forward this on to the list as a warning.
-dave
Previous By Date Next
Previous By Thread Next

Current thread: