[Date Prev][Date Next][Subject Prev][Subject Next][Date Index][Subject Index]

RE:



At 06:09 AM 11/28/00 +0200, you wrote:
>
>You've sent the HANSON.SCR to the list ... you may want to take the
necessary action
>
>Frank
>Attachment Converted: D:\EUDORA\RNNCNEWS\ATTACHED\RE


I'm not so sure that M Krok actually sent that virus (unless he owns the
"iafrica.com" computer. I recently received another virus which was
sent in a similar way, i.e. without the email identification (see original
posting of the virus... it came from the email address only without
the Maurice Krok name) The other one came from a University computer
and I only correspond with a single individual at that domain
(a close friend, who lives in the same city) and was similarly
sent, without header and without message -- in other words an email
that contained nothing except the virus and the return address without
a nickname.

I surmise that in both instances the virus has attached itself to the
outgoing mail stream of an internet provider's server and grabbed
addresses to use for its propagation. This is related to the technique
of using various servers as "bounce" points to overload a single
server from multiple directions at once. It would mean that the
virus would be very difficult to track back and could be blamed on the
wrong source. 

I don't know this for certain but it seems possible in the light of
the other one, which is_not_ present on my friend's computer, and
therefore had to originate on the server.

pjd

HAVING WRITTEN THE ABOVE
I just got another copy from  rrr@xxxxxxxxx

AFTER -- Rene v. Rentzell, Tokyo  said that he had
deleted the virus. Somebody get the Flit.

pjd