[Oberon] Has the Oberon mailing list been compromised?
Alan Corey
coreya at valinet.com
Mon Feb 23 23:57:28 CET 2004
Sounds to me like W32/Netsky which was new last week. It's one of those
modern efficient little things that contains its own SMTP engine and combs
the infected (Windows) machine for both destination and originating email
addresses. Someone on the list probably has an infected machine, but the
virus could be impersonating anyone on the list.
We bagged about 100 of them overnight on the mail server where I work.
See http://vil.nai.com/vil/content/v_101034.htm for more details. For a
free scanning and cleaning tool see http://vil.nai.com/vil/stinger
I use Pine on my ISP's Linux box, it wasn't me. :-)
Alan Corey
---------------------------------------------------------------
Unix - the mature operating system.
My favorite computer game is reporting spammers.
On Mon, 23 Feb 2004, Thomas Frey wrote:
> Date: Mon, 23 Feb 2004 22:22:03 +0100
> From: Thomas Frey <frey at inf.ethz.ch>
> Reply-To: ETH Oberon and related systems <oberon at inf.ethz.ch>
> To: ETH Oberon and related systems <oberon at inf.ethz.ch>
> Subject: Re: [Oberon] Has the Oberon mailing list been compromised?
>
> > I've gotten one of those emails. It had a virus
> > attached.
>
> >>Hence I assume someone, group, or worm, has stollen
> >>the ETH Oberon
> >>mailing list.
>
> I guess it is more the normal way, these worms/viruses work:
> Checking the address-book and in-box on infected machines, to fake the
> "From: " and "To: " and sometimes "Subject: " part in the messages sent
> to spread itself.
> Also the Oberon list is not yet hosted on an Oberon system, it should be
> quite safe on the professionally maintained Unix/Linux server.
> Of course an Aos/Bb Server would be better ;-)
>
> --Thomas
>
> --
> Oberon at inf.ethz.ch mailing list for ETH Oberon and related systems
> https://www.mail.inf.ethz.ch/lists/listinfo/oberon
>
More information about the Oberon
mailing list