[simpits-chat] Framed
Mike Williams
simpits-chat@simpits.org
Tue, 18 Feb 2003 21:31:18 -0500
--Boundary_(ID_hVPvtc8X1HEWxvrmXwvc3w)
Content-type: multipart/alternative;
boundary="Boundary_(ID_KxPn9cW8zSzXkZLj5c1Qaw)"
--Boundary_(ID_KxPn9cW8zSzXkZLj5c1Qaw)
Content-type: Text/Plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
The culprit could have done more damage to her in-box by putting her email
address out on usenet for a spambot snack, I would suggest doing a little
research
on the net on forging headers, there is lots of info out there, use some of
that for your defense.
Mike Williams
-------Original Message-------
From: simpits-chat@simpits.org
Date: Tuesday, February 18, 2003 4:32:21 PM
To: simpits-chat@simpits.org
Subject: Re: [simpits-chat] Framed
Brian, send me the message header so I can take a look at it. Yes, it's
easy to spoof an ip address. It's done all the time in denial of service
attacks.
Since Win98 has no security to speak of, anyone with physical access to
the machine could comprimise it.
In my opinion, trying to accuse you of "computer misuse/fraud" for
subscribing someone to a mailing list is absurd. Also, every mailing list
that I'm on required me to submit a confirmation email to verify the
authenticity of the subscription request. Tell me what the list address
is and I'll verify whether or not this "raunch" list has that policy. If
they do, someone with access to the Dean of Students' email account
subscribed (her) to the list.
g.
On Tue, 18 Feb 2003, Brian Sikkema wrote:
> Hey Guys,
>
> This is way OT, even for the chat list, but I need some serious advice
here.
>
> Thursday the school shut off my network connection, and told me to go to
the
> deans office. I thought I had been busted for copyright violations (mp3s),
> but today I got my official letter stating the charges:
>
> Sexual harassment and computer misuse/fraud.
>
> Talk about a wake-up call!!! Anyway, I had a meeting today at 2:30 to
> discuss the sitation, where they provided me with the evidence against me.
> Someone subscribed the dean of students to a raunchy mailing list, and
they
> traced the subscribing command back to my IP. So here's my question:
>
> How possible/likely would it be for someone to either spoof my IP in the
> subscription request, or hack my computer and make the subscription from
> there? I was running '98 at the time (I dual boot), but I do not have
> outlook or any other mail programs installed. So, what's your technical
> oppinion? I know I didn't do it, but I'm hoping to come up with some
> evidence to support my theories. My hearing is 2:30 on Thursday (EST).
>
> All help appreciated!
> Brian
>
>
>
>
>
> _________________________________________________________________
> Help STOP SPAM with the new MSN 8 and get 2 months FREE*
> http://join.msn.com/?page=features/junkmail
>
> _______________________________________________
> simpits-chat mailing list
> simpits-chat@simpits.org
> http://www.simpits.org/mailman/listinfo/simpits-chat
>
_______________________________________________
simpits-chat mailing list
simpits-chat@simpits.org
http://www.simpits.org/mailman/listinfo/simpits-chat
.
--Boundary_(ID_KxPn9cW8zSzXkZLj5c1Qaw)
Content-type: Text/HTML; charset=iso-8859-1
Content-transfer-encoding: quoted-printable
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Diso-8859-=
1">
<META content=3D"IncrediMail 1.0" name=3DGENERATOR>
<!--IncrdiXMLRemarkStart>
<IncrdiX-Info>
<X-FID>FLAVOR00-NONE-0000-0000-000000000000</X-FID>
<X-FVER></X-FVER>
<X-CNT>;</X-CNT>
</IncrdiX-Info>
<IncrdiXMLRemarkEnd-->
</HEAD>
<BODY style=3D"BACKGROUND-POSITION: 0px 0px; FONT-SIZE: 12pt; MARGIN: 5px=
10px 10px; FONT-FAMILY: Arial" bgColor=3D#ffffff background=3D"" scroll=3D=
yes ORGYPOS=3D"0" X-FVER=3D"3.0">
<TABLE id=3DINCREDIMAINTABLE cellSpacing=3D0 cellPadding=3D2 width=3D"100=
%" border=3D0>
<TBODY>
<TR>
<TD id=3DINCREDITEXTREGION style=3D"FONT-SIZE: 12pt; CURSOR: auto; FONT-F=
AMILY: Arial" width=3D"100%">
<DIV>The culprit could have done more damage to her in-box by puttin=
g her email address out on usenet for a spambot snack, I would suggest do=
ing a little research</DIV>
<DIV>on the net on forging headers, there is lots of info out there,=
use some of that for your defense.<BR> </DIV>
<DIV> </DIV>
<DIV><IMG src=3D"cid:D4B0DA66-F42B-467D-B49C-CA14E71CE94F"></DIV>
<DIV>Mike Williams</DIV>
<DIV id=3DIncrediOriginalMessage><I>-------Original Message-------</I></D=
IV>
<DIV> </DIV>
<DIV id=3Dreceivestrings>
<DIV dir=3Dltr style=3D"FONT-SIZE: 11pt" <i><B>From:</B></I> <A href=3D"m=
ailto:simpits-chat@simpits.org">simpits-chat@simpits.org</A></DIV>
<DIV dir=3Dltr style=3D"FONT-SIZE: 11pt" <i><B>Date:</B></I> Tuesday, Feb=
ruary 18, 2003 4:32:21 PM</DIV>
<DIV dir=3Dltr style=3D"FONT-SIZE: 11pt" <i><B>To:</B></I> <A href=3D"mai=
lto:simpits-chat@simpits.org">simpits-chat@simpits.org</A></DIV>
<DIV dir=3Dltr style=3D"FONT-SIZE: 11pt" <i><B>Subject:</B></I> Re: [simp=
its-chat] Framed</DIV></DIV>
<DIV> </DIV>Brian, send me the message header so I can take a look a=
t it. Yes, it's<BR>easy to spoof an ip address. It's done all the time in=
denial of service<BR>attacks.<BR><BR>Since Win98 has no security to spea=
k of, anyone with physical access to<BR>the machine could comprimise it.<=
BR><BR>In my opinion, trying to accuse you of "computer misuse/fraud" for=
<BR>subscribing someone to a mailing list is absurd. Also, every mailing =
list<BR>that I'm on required me to submit a confirmation email to verify =
the<BR>authenticity of the subscription request. Tell me what the list ad=
dress<BR>is and I'll verify whether or not this "raunch" list has that po=
licy. If<BR>they do, someone with access to the Dean of Students' email a=
ccount<BR>subscribed (her) to the list.<BR><BR>g.<BR><BR><BR>On Tue, 18 F=
eb 2003, Brian Sikkema wrote:<BR><BR>> Hey Guys,<BR>><BR>> This =
is way OT, even for the chat list, but I need some serious advice here.<B=
R>><BR>> Thursday the school shut off my network connection, and to=
ld me to go to the<BR>> deans office. I thought I had been busted for =
copyright violations (mp3s),<BR>> but today I got my official letter s=
tating the charges:<BR>><BR>> Sexual harassment and computer misuse=
/fraud.<BR>><BR>> Talk about a wake-up call!!! Anyway, I had a meet=
ing today at 2:30 to<BR>> discuss the sitation, where they provided me=
with the evidence against me.<BR>> Someone subscribed the dean of stu=
dents to a raunchy mailing list, and they<BR>> traced the subscribing =
command back to my IP. So here's my question:<BR>><BR>> How possibl=
e/likely would it be for someone to either spoof my IP in the<BR>> sub=
scription request, or hack my computer and make the subscription from<BR>=
> there? I was running '98 at the time (I dual boot), but I do not hav=
e<BR>> outlook or any other mail programs installed. So, what's your t=
echnical<BR>> oppinion? I know I didn't do it, but I'm hoping to come =
up with some<BR>> evidence to support my theories. My hearing is 2:30 =
on Thursday (EST).<BR>><BR>> All help appreciated!<BR>> Brian<BR=
>><BR>><BR>><BR>><BR>><BR>> ___________________________=
______________________________________<BR>> Help STOP SPAM with the ne=
w MSN 8 and get 2 months FREE*<BR>> <A href=3D"http://join.msn.com/?pa=
ge=3Dfeatures/junkmail">http://join.msn.com/?page=3Dfeatures/junkmail</A>=
<BR>><BR>> _______________________________________________<BR>> =
simpits-chat mailing list<BR>> <A href=3D"mailto:simpits-chat@simpits.=
org">simpits-chat@simpits.org</A><BR>> <A href=3D"http://www.simpits.o=
rg/mailman/listinfo/simpits-chat">http://www.simpits.org/mailman/listinfo=
/simpits-chat</A><BR>><BR><BR>________________________________________=
_______<BR>simpits-chat mailing list<BR><A href=3D"mailto:simpits-chat@si=
mpits.org">simpits-chat@simpits.org</A><BR><A href=3D"http://www.simpits.=
org/mailman/listinfo/simpits-chat">http://www.simpits.org/mailman/listinf=
o/simpits-chat</A><BR>. </TD></TR>
<TR>
<TD id=3DINCREDIFOOTER width=3D"100%">
<TABLE cellSpacing=3D0 cellPadding=3D0 width=3D"100%">
<TBODY>
<TR>
<TD width=3D"100%"></TD>
<TD id=3DINCREDISOUND vAlign=3Dbottom align=3Dmiddle></TD>
<TD id=3DINCREDIANIM vAlign=3Dbottom align=3Dmiddle></TD></TR></TBODY></T=
ABLE></TD></TR></TBODY></TABLE></BODY></HTML>=
--Boundary_(ID_KxPn9cW8zSzXkZLj5c1Qaw)--
--Boundary_(ID_hVPvtc8X1HEWxvrmXwvc3w)
Content-id: <D4B0DA66-F42B-467D-B49C-CA14E71CE94F>
Content-type: image/gif; name=sg-0.gif
Content-transfer-encoding: base64
Content-disposition: attachment; filename=sg-0.gif
R0lGODlheQBAAPABAAAAAL29vSH5BAEAAAEALAAAAAB5AEAAAAL+jI8Gye0Po5y0OoDDUnjbD4ai
tXRapozqypKlh3LtTKtd7J1IXPf+xwv+hsSISXbIFZfLYE7JjPZ4mp30+nNasdwWVVnadscTKsNM
ThvV7Bm0DY/L5/S6/T464vfvPRld5Qe3AdUnmFZI8WR4aHOmmATY6ChmBIPCOFmR2AB2qVnDafkE
6raVmfJZyqKKWkW46hWJBHHzGrvSihp24op7kRRoCCPs+9spA9t5SWhMKaesfKabEjn8Mv04hy18
QYz0uYgt3ZvgLMXbbd6MiQnO8cLdWhmnd2u9c+OebqtT3avvGx0zkrw1K2dOkb47fc4dewgxosSJ
FCtavIgxo8YcjRw7evwIMqTIkSRLmjyJMqXKlSxbunwJM6acAgA7
--Boundary_(ID_hVPvtc8X1HEWxvrmXwvc3w)--