[simpits-tech] Attn Gene, suspect hacking on simpits site
Ben Jones
simpits-tech@simpits.org
Tue, 29 Oct 2002 18:07:22 +0800
This is a multi-part message in MIME format.
------_=_NextPart_001_01C27F32.F9138C5C
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
i,m still geting notification from my isp that someone is trying to send =
me the WORM_YAHA.E virus
=20
=20
I STRESS MY SYSTEM IS CLEAN !!!
=20
the senders are=20
=20
hetwoonhuis
ch.huyben
Mail Delivery System
hetwoonhuis@wxs.nl
=20
=20
dont know if this helps any one , of if they know these mysterious =
senders
=20
=20
BEN =20
JONES=20
-----------------------------------------=20
bjones@pipecomp.com.au=20
------------------------------------------------=20
-----Original Message-----
From: Alan D. Mazurka [mailto:adm.design@verizon.net]
Sent: Tuesday, 29 October 2002 3:34 AM
To: simpits-tech@simpits.org
Cc: adm.design@verizon.net
Subject: Re: [simpits-tech] Attn Gene, suspect hacking on simpits site
hi, Gene
....probably from a piece of mail from simpits-tech, but i can't comment =
further.=20
it's the same version of the thing travelling around a few weeks back. i =
deleted it too fast to associate the owner with the mischief. most of =
the time they don't even know they're infected.
since your'e unix-based, it's probably a different problem altogether.
still, thanks for your good detective work.
- adm -
=20
At 11:12 AM 10/28/02 -0800, you wrote:
> norton picked up (yet one more of those) files in /spool.tmp (or some =
such)
>
Picked it up from where?
g.
_______________________________________________
Simpits-tech mailing list
Simpits-tech@simpits.org
http://www.simpits.org/mailman/listinfo/simpits-tech
To unsubscribe, please see the instructions at the bottom of the above =
page. Thanks!=20
_____ =20
Alan D. Mazurka Webspace Design & Implementation
adm.design@verizon.net =20
------_=_NextPart_001_01C27F32.F9138C5C
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4611.1300" name=3DGENERATOR></HEAD>
<BODY>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2>i,m=20
still geting notification from my isp that someone is trying to send me=20
the <FONT size=3D2>WORM_YAHA.E virus</DIV>
<DIV></FONT> </DIV>
<DIV></FONT></SPAN><SPAN class=3D400340910-29102002><FONT face=3DArial =
color=3D#0000ff=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2>I=20
STRESS MY SYSTEM IS CLEAN !!!</FONT></SPAN></DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2>the=20
senders are </FONT></SPAN></DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2><FONT=20
size=3D2></FONT></FONT></SPAN> </DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2><FONT=20
size=3D2>hetwoonhuis</FONT></FONT></SPAN></DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2><FONT=20
size=3D2>ch.huyben</FONT></FONT></SPAN></DIV>
<DIV><SPAN class=3D400340910-29102002></SPAN><SPAN =
class=3D400340910-29102002><FONT=20
size=3D2>Mail Delivery System</FONT></SPAN></DIV>
<DIV><SPAN class=3D400340910-29102002><A=20
href=3D"mailto:hetwoonhuis@wxs.nl">hetwoonhuis@wxs.nl</A></SPAN></DIV>
<DIV><SPAN class=3D400340910-29102002></SPAN> </DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2>dont=20
know if this helps any one , of if they know these mysterious=20
senders</FONT></SPAN></DIV>
<DIV><SPAN class=3D400340910-29102002><FONT face=3DArial color=3D#0000ff =
size=3D2></FONT> </DIV></SPAN>
<DIV><FONT face=3DArial color=3D#0000ff size=3D2></FONT> </DIV>
<P><FONT face=3DArial size=3D2>BEN <FONT size=3D2></P>
<P></FONT>JONES </FONT><BR><FONT face=3DArial=20
size=3D2>-----------------------------------------</FONT> <BR><FONT =
face=3DArial=20
size=3D2>bjones@pipecomp.com.au</FONT> <BR><FONT face=3DArial=20
size=3D2>------------------------------------------------</FONT> </P>
<BLOCKQUOTE>
<DIV class=3DOutlookMessageHeader dir=3Dltr align=3Dleft><FONT =
face=3DTahoma=20
size=3D2>-----Original Message-----<BR><B>From:</B> Alan D. Mazurka=20
[mailto:adm.design@verizon.net]<BR><B>Sent:</B> Tuesday, 29 October =
2002 3:34=20
AM<BR><B>To:</B> simpits-tech@simpits.org<BR><B>Cc:</B>=20
adm.design@verizon.net<BR><B>Subject:</B> Re: [simpits-tech] Attn =
Gene,=20
suspect hacking on simpits site<BR><BR></FONT></DIV>hi,=20
Gene<BR><BR>....probably from a piece of mail from simpits-tech, but i =
can't=20
comment further. <BR><BR>it's the same version of the thing travelling =
around=20
a few weeks back. i deleted it too fast to associate the owner with =
the=20
mischief. most of the time they don't even know they're =
infected.<BR><BR>since=20
your'e unix-based, it's probably a different problem =
altogether.<BR><BR>still,=20
thanks for your good detective work.<BR><BR> - adm =
-<BR> <BR><BR>At=20
11:12 AM 10/28/02 -0800, you wrote:<BR>
<BLOCKQUOTE class=3Dcite cite type=3D"cite">> norton picked up (yet =
one more=20
of those) files in /spool.tmp (or some such)<BR>><BR>Picked it up =
from=20
=
where?<BR><BR>g.<BR><BR>_______________________________________________<B=
R>Simpits-tech=20
mailing list<BR>Simpits-tech@simpits.org<BR><A=20
href=3D"http://www.simpits.org/mailman/listinfo/simpits-tech"=20
=
eudora=3D"autourl">http://www.simpits.org/mailman/listinfo/simpits-tech</=
A><BR>To=20
unsubscribe, please see the instructions at the bottom of the above=20
page. Thanks! </BLOCKQUOTE><X-SIGSEP>
<P></X-SIGSEP>
<HR>
<BR>Alan D.=20
=
Mazurka =
=20
Webspace Design &=20
Implementation<BR>adm.design@verizon.net =20
<BR></BLOCKQUOTE></BODY></HTML>
------_=_NextPart_001_01C27F32.F9138C5C--