[Asterisk-Users] [OT] Virus propagation by asterisk user
member.
Steven Critchfield
critch at basesys.com
Tue Aug 19 13:42:29 MST 2003
On Tue, 2003-08-19 at 13:26, firedude at shorelinuxsolutions.com wrote:
> I've gotten a lot of unwanted, unsolicited mail today as well. Most
> probably with the subject line "wicked screensaver". I guess the bad guys
> are mining the asterisk list. Guess I'll have to play with iptables and
> the mirror arguement.
> AJ
Look at the attachment. The ones with subject lines like below are from
the same braindead machine at 80.162.146.234 spewing SoBig.
Subject: Re: Approved
Subject: Re: Re: My details
Subject: Thank you!
Subject: Re: Your application
Subject: Re: That movie
Subject: Re: Re: My details
Subject: Re: Wicked screensaver
So far I have received 43 since 3am till 3:45pm
> On Tue, 19 Aug 2003, Steven Critchfield wrote:
>
> > Sorry to air this in public, but sometimes people need to be publicly
> > shamed.
> >
> > "Frej Jensen" <frej at legespace.dk>
> > This user is spewing the sobig worm around the net. I have received over
> > 20 messages so far today. Most to me at both my former address, and my
> > current address. I matched the IP address from my mail servers logs to
> > his cable modem address used when posting a message to this list on July
> > 25th.
> >
> > If users persist in having unsafe computing tendencies like using
> > windows, please remove them from the network.
> >
> > BTW, this is a good reason for having long running personal archives of
> > the mailing lists you belong to. A fairly easy grep command across my
> > mail directory found the person responsible when from/to addresses are
> > forged.
> >
> >
>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
--
Steven Critchfield <critch at basesys.com>
More information about the asterisk-users
mailing list