|
Grex > Info > #361: Grex System Problems - Spring 2004 |  |
|
| Author |
Message |
| 25 new of 405 responses total. |
keesan
|
|
response 242 of 405:
| 
May 9 21:44 UTC 2004 |
The following (without any message body) was in my inbox when I got home
today at 17:30 (May 9). I am sure I did not send it. Who did? Is this
some new virus? No attachment either.
Received: from host217-42-224-55.range217-42.btcentralplus.com
(host217-42-224-55.range217-42.btcentralplus.com [217.42.224.55]) by
grex.cyberspace.org (8.6.13/8.6.12) with SMTP id QAA13675 for
<keesan@grex.org>; Sun, 9 May 2004 16:32:50 -0400 Date: Sun, 9 May 2004
16:32:50 -0400 From: Sindi Keesan <keesan@grex.org> Message-Id:
<200405092032.QAA13675@grex.cyberspace.org> Received: from i[8 Apparently-To:
<keesan@grex.org>
|
jor
|
|
response 243 of 405:
|
May 10 00:19 UTC 2004 |
There seems to be a rash of new email/spam/virus
crap, with bogus attachments and ruses like
imitation email error messages, et cetera.
'your email to IncreaseViagraSize.com
failed' . . wait I sent no such email.
I am thinking about making a list of the
symptoms.
|
albaugh
|
|
response 244 of 405:
|
May 10 18:13 UTC 2004 |
Recent viruses are being sent spoofing the From: address. This makes it
more likely to spread, as the unsuspecting - and inexperienced! - recipient
will say "How nice, a message from Sindi, I'll just open her attachment"
expecting to see an image of flowers or something, and instead...
|
keesan
|
|
response 245 of 405:
|
May 10 18:35 UTC 2004 |
I know about the Netsky virus spoofing the address and coming with a 40K
attachment, but this had no attachment and it was from me to me and also had
no message body. Odd.
|
tod
|
|
response 246 of 405:
|
May 10 18:40 UTC 2004 |
This response has been erased.
|
drew
|
|
response 247 of 405:
|
May 10 19:24 UTC 2004 |
I also have gotten mail from myself. One a normal spam, and the other devoid
of any text or attachment, saved in /a/d/r/drew/selfmail. I was going to
change my password but since others are also getting mail from themselves -
what the heck, I'm changing it anyway.
|
scott
|
|
response 248 of 405:
|
May 10 19:28 UTC 2004 |
A really recent virus even has a couple photos of sexy women embedded, to be
used to entice the victim into opening the attachment.
|
jor
|
|
response 249 of 405:
|
May 11 00:30 UTC 2004 |
I assume malicious attachments are targeting
Windows email programs. Are there now malicious
email attachments which can do damage
on Unix?
I don't want to open one to find out.
|
jhudson
|
|
response 250 of 405:
|
May 11 14:40 UTC 2004 |
There are, but just opening one won't do any damage.
It is hard to get a virus when you have to:
(save file)
$ chmod +x file
$ ./file
|
keesan
|
|
response 251 of 405:
|
May 11 15:03 UTC 2004 |
I also get 'antivirus warning report' type subjects from the grex MAILERDAEMON
which I presume is also a forget from address. Can't check, it already went
to /dev/null.
|
gull
|
|
response 252 of 405:
|
May 11 15:10 UTC 2004 |
There was, for a while, a buffer overflow bug in Pine that would allow a
specially-crafted email message to execute arbitrary code. I don't know
of any worms that successfully exploited it, though.
|
tod
|
|
response 253 of 405:
|
May 11 16:18 UTC 2004 |
This response has been erased.
|
krj
|
|
response 254 of 405:
|
May 11 16:52 UTC 2004 |
resp:242, 245: Sindi: yeah, those are going around, null emails which
claim to be "From:" the address receiving them. I have a few and
have reports of others. What this means is that the Quality Assurance
department in Virusland is slacking off on the job; you have received
the output from an incompetently written virus.
|
albaugh
|
|
response 255 of 405:
|
May 11 17:10 UTC 2004 |
While telnetting in late last night, with minimal activity over a span of ~3
hours, I lost my connection 3 or 4 times. Is that acceptable for a system
such as grex? If not, is this situation chronic? Correctable? Something
that would be in any way better under nextgrex?
|
tod
|
|
response 256 of 405:
|
May 11 17:19 UTC 2004 |
This response has been erased.
|
gull
|
|
response 257 of 405:
|
May 11 20:38 UTC 2004 |
Re resp:255: It looks like it's going to be chronic until someone on
staff has time to fix it.
|
tod
|
|
response 258 of 405:
|
May 11 20:44 UTC 2004 |
This response has been erased.
|
tod
|
|
response 259 of 405:
|
May 11 22:45 UTC 2004 |
This response has been erased.
|
keesan
|
|
response 260 of 405:
|
May 12 03:40 UTC 2004 |
Is grex off the internet again?
|
tod
|
|
response 261 of 405:
|
May 12 04:55 UTC 2004 |
This response has been erased.
|
realugly
|
|
response 262 of 405:
|
May 12 05:03 UTC 2004 |
This response has been erased.
|
bru
|
|
response 263 of 405:
|
May 12 13:03 UTC 2004 |
Macdonalds is humiliating? And what does this have to do with system problems
? I just got booted again.
|
realugly
|
|
response 264 of 405:
|
May 12 13:09 UTC 2004 |
This response has been erased.
|
soup
|
|
response 265 of 405:
|
May 12 14:34 UTC 2004 |
This response has been erased.
|
realugly
|
|
response 266 of 405:
|
May 13 12:32 UTC 2004 |
This response has been erased.
|