Re: attachment and e-mail where to report these security issues?
From: Phil Weldon (notdisclosed_at_example.com)
Date: 03/26/04
- Next message: D.Currie: "Re: attachment and e-mail where to report these security issues?"
- Previous message: pter: "RE: Windows Shutting Down"
- In reply to: D.Currie: "Re: attachment and e-mail where to report these security issues?"
- Next in thread: D.Currie: "Re: attachment and e-mail where to report these security issues?"
- Reply: D.Currie: "Re: attachment and e-mail where to report these security issues?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Mar 2004 04:40:49 GMT
No, you don't understand. These infected messages use harvested email
addresses in the "From" field in the headers, but the IP address in the
headers is the actual IP address the infected system used for its connection
to the internet. If you follow the directions Veronica Loell gave, the ISP
will have the information necessary to locate the account with the infected
system, even if the IP address were dynamically assigned. And if the
"From" email address WERE correct (which it never is - after all the virus
writers don't want the infected systems tracked down), then it would be a
GOOD a thing, not a bad thing, to let the ISP know. After all, if someone
has an infected system, don't you think they would like to know about it and
get help? Think about it; if your system were spreading a virus you would
like to know about it as soon as possible, I hope.
-- Phil Weldon, pweldonatmindjumpdotcom For communication, replace "at" with the 'at sign' replace "mindjump" with "mindspring." replace "dot" with "." "D.Currie" <dmbcurrie.nospam@hotmail.com> wrote in message news:c4087c$2dserh$1@ID-193095.news.uni-berlin.de... > Unfortunately, if you report the sender, you're either reporting some poor > fool whose computer is infected (and he's either fighting it or doesn't know > he has it) or you're reporting some innocent third party whose address is > being spoofed by the virus because the infected computer has that name in > the address book. Most likely it's going to be the innocent third party > because that's the way most of the newer viruses work these days. > > So not only does it do no good, it also can harm an innocent person if the > ISP does take some action and/or it ties up the ISP who get these reports.
- Next message: D.Currie: "Re: attachment and e-mail where to report these security issues?"
- Previous message: pter: "RE: Windows Shutting Down"
- In reply to: D.Currie: "Re: attachment and e-mail where to report these security issues?"
- Next in thread: D.Currie: "Re: attachment and e-mail where to report these security issues?"
- Reply: D.Currie: "Re: attachment and e-mail where to report these security issues?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
