[ale] question about sobig

John Wells jb at sourceillustrated.com
Wed Aug 20 08:36:49 EDT 2003


What a pain in the a$$.

Geoffrey said:
> John Wells wrote:
>> This morning, my inbox was filled with sobig.  I expected that.
>> However,
>> I found a number of supposedly returned mail carrying sobig that
>> appeared
>> to have been originally sent from my wife's and my email addresses.
>>
>> I assume, since I run linux exclusively and my wife only emails through
>> squirrel mail, that this means someone out there that has received mail
>> from us is infected and the worm is trying to send out with our email
>> addresses as source address, which then get bounced by certain smart
>> servers back to us.  Is this a good assumption?
>
> This is absolutely correct.  I've been considering placing the following
> in my sig:
>
> 'Please do not place my email address in your address book if you are
> using a Microsoft based email product, since they are so easily attacked
> by viri and will use these addresses for spoofing email viri.'
>
>>
>> Is there any way to track down an infected box?
>
> Is it running a Microsoft product?  I actually was able to track one
> down, only because I received an email that indicated the sender was the
> sister of a friend of my wife. (did you follow that?)  Point is, this
> person would never email me, so the only other possibility was that the
> friend was infected and my email address was pulled from their addresss
> book.
>
> In all likely hood you're pretty much out of luck in trying to figure it
> out.
>
>
> --
> Until later: Geoffrey		esoteric at 3times25.net
>
> The latest, most widespread virus?  Microsoft end user agreement.
> Think about it...
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list