Vulnerability Development mailing list archives
MMS Notification (fwd)
From: Derek Kwan <dkwan () KWAN ca>
Date: Tue, 25 Sep 2001 13:33:57 -0400 (EDT)
---------- Forwarded message ---------- Date: Tue, 25 Sep 2001 10:09:22 -0700 To: Derek Kwan <dkwan () KWAN ca> Subject: MMS Notification <rnieuwhof () nos com>
--- Begin Message --- From: "Derek Kwan" <dkwan () KWAN ca>
Date: Mon, 24 Sep 2001 18:40:43 -0400 (EDT)
---------- Forwarded message ---------- Date: 24 Sep 2001 18:06:20 -0000 From: bugtraq-owner () securityfocus com To: dkwan () KWAN ca Subject: Returned post for bugtraq () securityfocus com Hi! This is the ezmlm program. I'm managing the bugtraq () securityfocus com mailing list. I'm working for my owner, who can be reached at bugtraq-owner () securityfocus com. I'm sorry, your message (enclosed) was not accepted by the moderator. If the moderator has made any comments, they are shown below.-------------------- >>>>>Hmm, strange. Post this to vuln-dev () securityfocus com or focus-ms () securityfocus com. <<<<< -------------------- <<<<< [INFO] -- Virus Manager: This email message and any attachments have been scanned for viruses and are believed to be free of any virus.--- Begin Message --- From: "Derek Kwan" <dkwan () KWAN ca>
Date: Sun, 23 Sep 2001 20:20:24 -0400 (EDT)
Today I have rebooted one of my WinME box (haven't reboot this box for alteast 3 months!) because I need to replace a CPU Fan. After the 'operation' (a very dusty one) WinME booted as expacted and I just turn off the montor and walked away. Then after dinner, as one my regular 'hobby' (I think I need a life) I was checking my MRTG chart and logs. Noticed something from my Internal network was hammering my Server. A futher study shows my freshly rebooted WinME keeps requesting a "identd.cab" from my web server. So I went back to my WinME machine and check on ZoneAlarm (thx!) and notice a process name "Microsoft Qmgr" is accessing the network, so quickly I stopped the app. Seems like MS Qmgr is keep requesting identd.cab from my web server for the past 3 Hours (and 4 minutes 31 seconds) and have 255259 request from my access_log! Not sure what the heck is Qmgr, and a search on Internet, found this link:- http://www.langa.com/newsletters/2001/2001-09-17.htm#5 Hopefully this info is going to be helpful for someone.... Gosh, if I didn't check my server, it will fill up my log disk pretty quick! Now my question is why the heck Qmgr is looking for identd.cab from my server? Hummmm.... Derek \|/ _____ \|/ *************************************************** "@'/ , . \`@" This e-mail is send with 100% recyclable electrons. /_| \___/ |__\ *************************************************** \___U_/ Derek () KWAN ca
--- End Message ---
--- End Message ---
Current thread:
- MMS Notification (fwd) Derek Kwan (Sep 25)
- Re: MMS Notification (fwd) Stanley G. Bubrouski (Sep 25)