[ale] question about sobig
Geoffrey
esoteric at 3times25.net
Wed Aug 20 07:48:16 EDT 2003
John Wells wrote:
> This morning, my inbox was filled with sobig. I expected that. However,
> I found a number of supposedly returned mail carrying sobig that appeared
> to have been originally sent from my wife's and my email addresses.
>
> I assume, since I run linux exclusively and my wife only emails through
> squirrel mail, that this means someone out there that has received mail
> from us is infected and the worm is trying to send out with our email
> addresses as source address, which then get bounced by certain smart
> servers back to us. Is this a good assumption?
This is absolutely correct. I've been considering placing the following
in my sig:
'Please do not place my email address in your address book if you are
using a Microsoft based email product, since they are so easily attacked
by viri and will use these addresses for spoofing email viri.'
>
> Is there any way to track down an infected box?
Is it running a Microsoft product? I actually was able to track one
down, only because I received an email that indicated the sender was the
sister of a friend of my wife. (did you follow that?) Point is, this
person would never email me, so the only other possibility was that the
friend was infected and my email address was pulled from their addresss
book.
In all likely hood you're pretty much out of luck in trying to figure it
out.
--
Until later: Geoffrey esoteric at 3times25.net
The latest, most widespread virus? Microsoft end user agreement.
Think about it...
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list