Metalworking (rec.crafts.metalworking) Discuss various aspects of working with metal, such as machining, welding, metal joining, screwing, casting, hardening/tempering, blacksmithing/forging, spinning and hammer work, sheet metal work.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1   Report Post  
Harold & Susan Vordos
 
Posts: n/a
Default OT Gremlins have been busy!

Booted up tonight after putting in a day of work on the house we're
building. Waiting for me were 67 messages, 28 of which were virus infected.
Our ISP traps them, but we get a report along with anything that wasn't
deleted. Along with the messages were three from other ISP's suggesting
that I am sending mail that is infected, that I should attend to my computer
before re-sending the messages, which they had deleted. Funny thing is,
I'm not the sender. I hadn't even heard of the recipients, all of which
were commercial establishments. Anyone out there having the same "good
luck"?

Harold


  #2   Report Post  
Keith Marshall
 
Posts: n/a
Default OT Gremlins have been busy!

Funny thing is, I'm not the sender. I hadn't even heard of the
recipients, all
of which were commercial establishments. Anyone out there having the same
"good luck"?

Yep, afraid so. Since yesterday morning I have received 2733 messages with
a virus attached (but removed by Norton Antivirus) and an unknown number
(probably a few hundred) of messages like you described where I was
supposedly the sender. The "From" address is one that I had posted on my
Web site for support (I knew better but never got around to hiding it until
now) and I have never sent any email from that address so I know it's the
virus doing it. Here's a link with info if you're interested:



They actually seem to be slowing down now, finally. I've only gotten 3 or 4
copies in the last couple of hours.

Best Regards,
Keith Marshall


"The universe is full of magical things,
patiently waiting for our wits to grow sharper."
-Eden Phillpotts, A Shadow Passes, 1934
"Harold & Susan Vordos" wrote in message
...
Booted up tonight after putting in a day of work on the house we're
building. Waiting for me were 67 messages, 28 of which were virus

infected.
Our ISP traps them, but we get a report along with anything that wasn't
deleted. Along with the messages were three from other ISP's suggesting
that I am sending mail that is infected, that I should attend to my

computer
before re-sending the messages, which they had deleted. Funny thing is,
I'm not the sender. I hadn't even heard of the recipients, all of which
were commercial establishments. Anyone out there having the same "good
luck"?

Harold




  #3   Report Post  
Tim Williams
 
Posts: n/a
Default OT Gremlins have been busy!

I first heard about this virus yesterday and first thing today I was
deleting a good 15 (out of a total 45 or so, 98% spam). Between 3
and 8pm earlier today I remember I got 9 (out of 15 messages I think)..
This thing must be hitting hard!

Tim

--
In the immortal words of Ned Flanders: "No foot longs!"
Website @ http://webpages.charter.net/dawill/tmoranwms

"Harold & Susan Vordos" wrote in message
...
Booted up tonight after putting in a day of work on the house we're
building. Waiting for me were 67 messages, 28 of which were virus

infected.
Our ISP traps them, but we get a report along with anything that wasn't
deleted. Along with the messages were three from other ISP's suggesting
that I am sending mail that is infected, that I should attend to my

computer
before re-sending the messages, which they had deleted. Funny thing is,
I'm not the sender. I hadn't even heard of the recipients, all of which
were commercial establishments. Anyone out there having the same "good
luck"?

Harold




  #4   Report Post  
Harold & Susan Vordos
 
Posts: n/a
Default OT Gremlins have been busy!


"Keith Marshall" wrote in message
m...
Funny thing is, I'm not the sender. I hadn't even heard of the

recipients, all
of which were commercial establishments. Anyone out there having the

same
"good luck"?

Yep, afraid so. Since yesterday morning I have received 2733 messages

with
a virus attached (but removed by Norton Antivirus) and an unknown number
(probably a few hundred) of messages like you described where I was
supposedly the sender. The "From" address is one that I had posted on my
Web site for support (I knew better but never got around to hiding it

until
now) and I have never sent any email from that address so I know it's the
virus doing it. Here's a link with info if you're interested:




They actually seem to be slowing down now, finally. I've only gotten 3 or

4
copies in the last couple of hours.

After reading of your experience, I'll hold my whining for something more
serious! I can't even begin to imagine receiving that many messages, let
alone that many bad ones!

Thanks for the link, Keith. I guess the one good thing is the virus will
die a natural death eventually (September 10th). Mean time, I keep my
delete key ready to go!

Harold


  #5   Report Post  
Ian Stirling
 
Posts: n/a
Default OT Gremlins have been busy!

Harold & Susan Vordos wrote:
Booted up tonight after putting in a day of work on the house we're
building. Waiting for me were 67 messages, 28 of which were virus infected.
Our ISP traps them, but we get a report along with anything that wasn't
deleted. Along with the messages were three from other ISP's suggesting
that I am sending mail that is infected, that I should attend to my computer
before re-sending the messages, which they had deleted. Funny thing is,
I'm not the sender. I hadn't even heard of the recipients, all of which
were commercial establishments. Anyone out there having the same "good
luck"?


Unfortunately, some of these virus checkers don't really have a clue.
They detect the virus in an email (sent by the virus) and then take the
absurd leap that the From: line (set by the virus) is true, and mail
the 'originator' about it.

You can't really trust email headers, unless you know just how to read
them for your ISP, and all the ISPs that the message passed through.
It's near impossible for software to do this.

--
http://inquisitor.i.am/ | | Ian Stirling.
---------------------------+-------------------------+--------------------------
Lord, grant me the serenity to accept that I cannot change, the
courage to change what I can, and the wisdom to hide the bodies
of those I had to kill because they ****ed me off. - Random


  #6   Report Post  
Keith Marshall
 
Posts: n/a
Default OT Gremlins have been busy!

Oops, hit the send key before I typed anything. It's been a busy couple of
days. :-)

I just hit 2994 copies but I've setup Outlook to move them all to a special
folder so I don't really have to do anything for now. I'll leave them so I
can keep a running total of how many I've received and then I'll delete them
when it stops... if it ever does. :-)

Best Regards,
Keith Marshall


"The universe is full of magical things,
patiently waiting for our wits to grow sharper."
-Eden Phillpotts, A Shadow Passes, 1934
"Harold & Susan Vordos" wrote in message
...

"Keith Marshall" wrote in message
m...
Funny thing is, I'm not the sender. I hadn't even heard of the

recipients, all
of which were commercial establishments. Anyone out there having the

same
"good luck"?

Yep, afraid so. Since yesterday morning I have received 2733 messages

with
a virus attached (but removed by Norton Antivirus) and an unknown number
(probably a few hundred) of messages like you described where I was
supposedly the sender. The "From" address is one that I had posted on

my
Web site for support (I knew better but never got around to hiding it

until
now) and I have never sent any email from that address so I know it's

the
virus doing it. Here's a link with info if you're interested:





They actually seem to be slowing down now, finally. I've only gotten 3

or
4
copies in the last couple of hours.

After reading of your experience, I'll hold my whining for something more
serious! I can't even begin to imagine receiving that many messages, let
alone that many bad ones!

Thanks for the link, Keith. I guess the one good thing is the virus will
die a natural death eventually (September 10th). Mean time, I keep my
delete key ready to go!

Harold




  #7   Report Post  
DoN. Nichols
 
Posts: n/a
Default OT Gremlins have been busy!

In article ,
Harold & Susan Vordos wrote:
Booted up tonight after putting in a day of work on the house we're
building. Waiting for me were 67 messages, 28 of which were virus infected.
Our ISP traps them, but we get a report along with anything that wasn't
deleted. Along with the messages were three from other ISP's suggesting
that I am sending mail that is infected, that I should attend to my computer
before re-sending the messages, which they had deleted. Funny thing is,
I'm not the sender. I hadn't even heard of the recipients, all of which
were commercial establishments. Anyone out there having the same "good
luck"?


Of course. The virii pick up not only the addresses of new
potential victims from the current victim's e-mail collections (address
books, unread e-mail, unread news articles, etc), but also the address
to forge as the "From: " headers. I've gotten several, and I *know*
that these virii can't run on my unix systems, so they can't be
infected. (This does not say that it is impossible to write a virus for
a unix system, but it is more work, and fewer victims, so in general,
they don't bother.)

The victim who is sending these is probably a reader of the
rec.crafts.metalworking newsgroup, whether active or a lurker, which
explains how your address (and mine) came to be used.

You *do* have all the security patches up to date, don't you?
Not the ones from two days ago, but from *today*? (Microsoft has opened
new holes with some of the patches closing the old ones, so staying
up-to-date will help. Using a non-Microsoft OS will help a lot more. :-)

I've added about a half-dozen IP addresses of infected machines
to my blocklist, to slow down the flow that I've been getting. As a
result, I've not been getting them direct, but the bounces from ISPs who
filter out virii show the same IP addresses that I'm blocking as the
source (with my e-mail address forged).

The virus will usually send out a number under one forged
"From: " address, then move on to the next.

Good Luck,
DoN.

--
Email: | Voice (all times): (703) 938-4564
(too) near Washington D.C. | http://www.d-and-d.com/dnichols/DoN.html
--- Black Holes are where God is dividing by zero ---
  #10   Report Post  
Gary Coffman
 
Posts: n/a
Default OT Gremlins have been busy!

On Thu, 21 Aug 2003 04:50:05 GMT, "Harold & Susan Vordos" wrote:
Booted up tonight after putting in a day of work on the house we're
building. Waiting for me were 67 messages, 28 of which were virus infected.
Our ISP traps them, but we get a report along with anything that wasn't
deleted. Along with the messages were three from other ISP's suggesting
that I am sending mail that is infected, that I should attend to my computer
before re-sending the messages, which they had deleted. Funny thing is,
I'm not the sender. I hadn't even heard of the recipients, all of which
were commercial establishments. Anyone out there having the same "good
luck"?


Sure. Lots of viruses and worms will forge the Reply To field with an
address they got from the infected computer's contact list. So the
virus may actually be spamming from the computer of an aquaintence
who has your email address in his address book.

Some viruses can actually grab an address off a usenet posting and
use that. So you might not even be in the infected machine's address
book. Your address might have been picked up on the fly while the
person with the infected machine was reading this newsgroup with
Outlook Express or a browser. (Shouldn't happen if they're reading
with Agent.)

Or, a commercial spammer's machine might have gotten infected,
and the virus is using the spammer's list of email addresses as
Reply To spoofs as well as targets. (This seems to have happened
with the latest worm making the rounds. The flooding has been too
rapid and too huge for it not to have had access to a major spammer's
address list. At least that's what some network security types are
claiming.)

Gary



  #11   Report Post  
Larry Jaques
 
Posts: n/a
Default OT Gremlins have been busy!

On Thu, 21 Aug 2003 06:10:18 GMT, "Keith Marshall"
pixelated:

Funny thing is, I'm not the sender. I hadn't even heard of the

recipients, all
of which were commercial establishments. Anyone out there having the same
"good luck"?

Yep, afraid so. Since yesterday morning I have received 2733 messages with
a virus attached (but removed by Norton Antivirus) and an unknown number
(probably a few hundred) of messages like you described where I was
supposedly the sender. The "From" address is one that I had posted on my
Web site for support (I knew better but never got around to hiding it until
now)


I, too, have received tons of virus-infected mail lately,
some with 3 virii apiece, some from "me"! Strange. I guess
it's almost time for the spammers to go back to school so
they're out in force, eh?

Just 2 weeks ago, after returning from vacation (9 days) to
a mailbox full of 5,000 spams and 9 valid messages, I went
to my host and turned off wildcarding. That cut about 500
per day. I have Spam Assassin going locally but am about
to let my host do it there since it works flawlessly.

I'm down to ~50 spams/day (5 addresses but most to the one
I have on my website; time to change/hide it there, too)
with SA catching 40 of them.

-
The advantage of exercising every day is that you die healthier.
------------
http://diversify.com Dynamic Websites, PHP Apps, MySQL databases
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 09:38 PM.

Powered by vBulletin® Copyright ©2000 - 2023, Jelsoft Enterprises Ltd.
Copyright 2004-2023 DIYbanter.
The comments are property of their posters.
 

About Us

"It's about DIY & home improvement"