Re: Email Issues
From: Roger A. Grimes (roger_at_banneretcs.com)
Date: 02/26/04
- Previous message: MATT GIBSON: "Protecting Multiple Public IP Workstations"
- In reply to: sean.osullivan_at_ise.ie: "Email Issues"
- Next in thread: Duffy H: "FW: Email Issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <sean.osullivan@ise.ie>, <security-basics@securityfocus.com> Date: Thu, 26 Feb 2004 15:05:02 -0500
Sounds like the virus was stripped by another AV gateway and you're getting
what's left.
Roger
****************************************************************************
****
*Roger A. Grimes, Computer Security Consultant
*CPA, MCSE:Security (NT/2000/2003/MVP), CNE (3/4), A+
*email: roger@banneretcs.com
*cell: 757-615-3355
*Author of Malicious Mobile Code: Virus Protection for Windows by O'Reilly
*http://www.oreilly.com/catalog/malmobcode
*Author of upcoming Honeypots for Windows (Apress)
****************************************************************************
*****
----- Original Message -----
From: <sean.osullivan@ise.ie>
To: <security-basics@securityfocus.com>
Sent: Thursday, February 26, 2004 4:51 AM
Subject: Email Issues
> Hi All
>
> Something weird has been happening the last three days. We have been
getting
> mails that look like the NetSky virus (smae text and attachments), to a
certain mailboxs, but the weird thing is
> that the .zip attachment is 78 Bytes, the actual virus .zip file is 22,016
> bytes. Another things is our Mailsweeper is set to block all .zip files
but
> this one is getting through. I did a test and sent a mail with a normal
.zip
> attachment to this mail box and it got blocked. Has anyone seen this or
> have any ideas on what its all about?
>
> Thanks in advance.
>
> Sean
>
>
> **********************************************************************
> This footnote also confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.
>
> www.mimesweeper.com
> **********************************************************************
>
>
> --------------------------------------------------------------------------
-
> --------------------------------------------------------------------------
-- > > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
- Previous message: MATT GIBSON: "Protecting Multiple Public IP Workstations"
- In reply to: sean.osullivan_at_ise.ie: "Email Issues"
- Next in thread: Duffy H: "FW: Email Issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
