Full Disclosure mailing list archives
Re: meay-meay! (virus sent via full-discosure list)
From: KUIJPERS Jimmy <jimmy.kuijpers () swift com>
Date: Thu, 25 Mar 2004 15:38:24 +0100
How many times has this been discussed on the list? Such alteration of messages send is in itself a form of moderation. even if you don't remove the virus itself. Something the list charter clearly states it will not do. Besides, why would the FD owners want to spend money (cpu power required for additional proccesing) on anti-virus while anti-virus is the clients responsibility. Especially on a security mailing list as this. If you want to treat virusses difrently by adding a flag then you could have your own virusscanner do it. (and then you have to pay for the additional proccesing ;-) ) My 2ct Bill Royds wrote:
This virus sent to the list shows the problem of complete lack of moderation. What would be best is a filter that does a virus scan and WARNS about possible virus, but does not block anything. You would still be responsible for personal digital hygiene, but would have a flag to filter on. Here are the headers of this message with McAfee message and a whois on the originating MTA IP. Return-Path: <full-disclosure-admin () lists netsys com> Received: from netsys.com (NETSYS.COM [199.201.233.10]) by mail.zoneedit.com (Postfix) with ESMTP id 285443FA0D for <full-disclosure () royds net>; Wed, 24 Mar 2004 17:17:19 -0500 (EST) Received: from NETSYS.COM (localhost [127.0.0.1]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with ESMTP id i2OM4lJ28528; Wed, 24 Mar 2004 17:04:47 -0500 (EST) Received: from kermit ([62.38.237.28]) by netsys.com (8.11.6p2-2003-09-16/8.11.6) with SMTP id i2OLRWX15727 for <full-disclosure () lists netsys com>; Wed, 24 Mar 2004 16:27:34 -0500 (EST) To: full-disclosure () lists netsys com From: macubergeek () comcast net Message-ID: <qcwokkovsbsisnacbtp () comcast net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--------sbeuunoxpacatulivtum" Subject: [Full-disclosure] meay-meay! Sender: full-disclosure-admin () lists netsys com Errors-To: full-disclosure-admin () lists netsys com X-BeenThere: full-disclosure () lists netsys com X-Mailman-Version: 2.0.12 Precedence: bulk List-Unsubscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=unsubscribe> List-Id: Discussion of security issues <full-disclosure.lists.netsys.com> List-Post: <mailto:full-disclosure () lists netsys com> List-Help: <mailto:full-disclosure-request () lists netsys com?subject=help> List-Subscribe: <http://lists.netsys.com/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists netsys com?subject=subscribe> List-Archive: <http://lists.netsys.com/pipermail/full-disclosure/> Date: Wed, 24 Mar 2004 23:27:25 +0200 ****************** McAfee VirusScan ************************ ******* Alert generated at: Wed, 24 Mar 2004 18:29:19 -0500 ********* ********************************************************************* McAfee VirusScan has detected a potential threat in this e-mail sent by macubergeek () comcast net. The following actions were attempted on each suspicious part. We strongly recommend that you report this virus-related activity to macubergeek () comcast net. The attachment "TextFile.zip" is infected with the W32/Bagle.gen!pwdzip Virus(es). This attachment has been cleaned. ===================whois for sending MUA ========== 03/25/04 08:29:36 whois 62.38.237.28 () whois ripe net whois -h whois.ripe.net 62.38.237.28 ... % This is the RIPE Whois server. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/ripencc/pub-services/db/copyright.html inetnum: 62.38.0.0 - 62.38.255.255 netname: GR-HOL-20010530 descr: Hellas On Line S.A. descr: PROVIDER country: GR admin-c: HA194-RIPE tech-c: CO95-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-lower: AS3329-MNT changed: hostmaster () ripe net 20010530 changed: hostmaster () ripe net 20031210 # gr.hol.aval via https://lirportal.ripe.net source: RIPE route: 62.38.0.0/16 descr: HOL origin: AS3329 mnt-lower: AS3329-MNT mnt-routes: AS3329-MNT mnt-by: AS3329-MNT changed: tkor () hol gr 20010530 source: RIPE role: HOL Administration address: Hellas On Line S.A. address: Harilaou Trikoupi 151 address: N. Kiffisia, Greece 14564 e-mail: admin () hol gr trouble: Questions....... mail to: noc () hol gr trouble: Spam Reports.... mail to: postmaster () hol gr trouble: Abuse Reports... mail to: abuse () hol gr admin-c: KK5841-RIPE tech-c: AV845-RIPE tech-c: TK583-RIPE tech-c: CO95-RIPE nic-hdl: HA194-RIPE mnt-by: AS3329-MNT changed: vicky () hol gr 19970821 changed: vicky () hol gr 19970826 changed: noc () hol gr 19981217 changed: aval () hol gr 20000110 changed: aval () hol gr 20010314 changed: aval () hol gr 20020121 changed: aval () hol gr 20030624 source: RIPE role: HOL Network Operations Center address: Hellas On Line S.A. address: Harilaou Trikoupi 151 address: N. Kiffisia, Greece 14564 e-mail: noc () hol gr trouble: Questions....... mail to: noc () hol gr trouble: Spam Reports.... mail to: postmaster () hol gr trouble: Abuse Reports... mail to: abuse () hol gr admin-c: KK5841-RIPE tech-c: AV845-RIPE tech-c: TK583-RIPE nic-hdl: CO95-RIPE mnt-by: AS3329-MNT changed: vicky () hol gr 19970821 changed: noc () hol gr 19981217 changed: aval () hol gr 20000110 changed: aval () hol gr 20010314 changed: aval () hol gr 20010320 changed: aval () hol gr 20010607 changed: aval () hol gr 20020121 changed: tkor () hol net 20030909 source: RIPE -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of macubergeek () comcast net Sent: March 24, 2004 4:27 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] meay-meay! The access is open !!! password for archive: 01825 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- meay-meay! macubergeek (Mar 24)
- RE: meay-meay! (virus sent via full-discosure list) Bill Royds (Mar 25)
- Re: meay-meay! (virus sent via full-discosure list) KUIJPERS Jimmy (Mar 25)
- RE: meay-meay! (virus sent via full-discosure list) Bill Royds (Mar 25)