[60983] in North American Network Operators' Group
Re: Hey netscalibur! (was: Re: Hijacked email)
daemon@ATHENA.MIT.EDU (just me)
Wed Aug 20 15:15:22 2003
Date: Wed, 20 Aug 2003 12:14:45 -0700 (PDT)
From: just me <matt@snark.net>
To: Christopher Chin <cchin@ack.Berkeley.EDU>
Cc: <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.53.0308201001570.9139@ack.Berkeley.EDU>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 20 Aug 2003, Christopher Chin wrote:
Okie doke.... is Netscalibur in the house? I might assume so
based on the "nanog-ish" return address on the received e-mail
from [195.157.87.253]. This IP is sourcing Sobig.F to me, and
*as* me.
The received mail:
From nanog@ehlke.net Wed Aug 20 10:03:00 2003
Received: from KYAN ([195.157.87.253])
I got six various examples from this exact machine, until I just
nullrouted Netscalibur's /16. They have been the only virus messages
I've seen so far.
matto
--mghali@snark.net------------------------------------------<darwin><
Flowers on the razor wire/I know you're here/We are few/And far
between/I was thinking about her skin/Love is a many splintered
thing/Don't be afraid now/Just walk on in. #include <disclaim.h>
