Re: lots of sobig virus emails.
Valdis.Kletnieks_at_vt.edu
Date: 08/20/03
- Previous message: Bojan Zdrnja: "RE: Unusual DNS and port 37 requests"
- In reply to: wirepair: "lots of sobig virus emails."
- Next in thread: Kee Hinckley: "Re: lots of sobig virus emails."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: wirepair <wirepair@roguemail.net> Date: Wed, 20 Aug 2003 00:30:06 -0400
On Tue, 19 Aug 2003 09:44:15 PDT, wirepair <wirepair@roguemail.net> said:
> because i'm not infected. It also looks like i'm getting a ton from 'security peoples' email addresses.
> sans/securityfocus.com/other people. Maybe someone released the virus using a list of people from security lists?
Nothing that devious... :)
*YOU* are getting a ton from "security people" because the people you are
getting copies from have security people's addresses in their mail folders.
Some poor Microsoft-using drudge gets infected, it trolls the folders, spams
using what addresses it finds - and due to "locality of reference", you'll get
mostly security-related addresses because that's the crowd you hang with.
Remember, if you get a Sobig-F claiming to be from somebody, all that *really*
means is that the *real* problem user has both you and that somebody in their
mail folders someplace...
Meanwhile, over on the dachsund-breeders list, everybody is wondering why the
virus was released with a bunch of dachsund owners as the list, and the
canoe-builders list is getting hammered by addresses from outdoor-activity
lists, and so on....
- application/pgp-signature attachment: stored
- Previous message: Bojan Zdrnja: "RE: Unusual DNS and port 37 requests"
- In reply to: wirepair: "lots of sobig virus emails."
- Next in thread: Kee Hinckley: "Re: lots of sobig virus emails."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
