On Jun 9, 2005, at 8:06 AM, tom felts wrote:
> I did not open the attachment------hope the list admin tells us soon.
>
>
There is nothing to tell .. it is an evil executable so don't unzip
or run it. I had a peek at the code since I am on a Mac here and
cannot be infected.
My concern here is that everyone on the list has been sent this,
which means the list of members has been accessed. What I would like
to hear from the admin is if he has been hacked since this person
clearly has access to the list of email addresses of all members. OR
more likely, the listserver has been hacked and they have bypassed
the setting to delete attachments.
This is probably the culprit by looking at the headers:
(c-24-12-147-227.hsd1.il.comcast.net [24.12.147.227])
Received: from autox.team.net
(c-24-12-147-227.hsd1.il.comcast.net [24.12.147.227])
by autox.team.net (8.13.3/8.13.3) with ESMTP id
j59DFXQL003338 for
<healeys-qwerty@autox.team.net>; Thu, 09 Jun 2005 07:15:33 -0600
So if you wanted to ID the person you need to send a complaint to
OrgAbuseName: Network Abuse and Policy Observance
OrgAbusePhone: 1-856-317-7272
OrgAbuseEmail: abuse@comcast.net
They can match the timestamp with their records - if they can be
bothered. We need to hear from the admin if that IP is a registered
user or has legitimate access to the machine.
Rohan
*******************************
Rohan Marr
('56 Longbridge BN4-O/28579)
aka 'Hellouise'
|