[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] question about sobig

Subject: [ale] question about sobig
From: john at marasco.net (John Marasco)
Date: Wed, 20 Aug 2003 07:55:08 -0400

Selected quote about the SoBIG virus...

But even those who weren??t directly infected with the virus were 
struggling with it. When it replicates, the virus ??spoofs?? the sending 
e-mail address. That means the ??From:?? line is faked, selected from a 
list of e-mail addresses culled off the Internet. Users unlucky enough 
to be used in SoBig??s ??From?? line can get hundreds of SoBig-related 
complaints, including automated bounce messages saying the virus didn??t 
reach its recipient, or irate messages from recipients who think they??ve 
been sent a computer virus.

John Wells wrote:

>This morning, my inbox was filled with sobig.  I expected that.  However,
>I found a number of supposedly returned mail carrying sobig that appeared
>to have been originally sent from my wife's and my email addresses.
>
>I assume, since I run linux exclusively and my wife only emails through
>squirrel mail, that this means someone out there that has received mail
>from us is infected and the worm is trying to send out with our email
>addresses as source address, which then get bounced by certain smart
>servers back to us.  Is this a good assumption?
>
>Is there any way to track down an infected box?
>
>Thanks for the input.
>
>John
>
>
>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://www.ale.org/mailman/listinfo/ale
>
>  
>

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

Prev by Date: [ale] question about sobig
Next by Date: [ale] question about sobig
Previous by thread: [ale] question about sobig
Next by thread: [ale] question about sobig
Index(es):
- Date
- Thread