[RC5] Virus alert !
blitz at macronet.net
Thu Oct 10 09:12:11 EDT 2002
The definitive info on Bugbear is here:
Im getting 2 - 4 a day of either BB or Klez this past week....viri snatcher
gets them all..
>In my experience, the From: address of bugbear is meaningless. Being a
>postmaster of medium-sized network, I have received messages from
>various virus scanners around the world claiming that user
>somebody at my.domain has sent them bugbear, when I know that no such user
>exists in my domain.
>My hypotesis is that bugbear constructs its from: address using
>addresses found on local machine, taking username part from one address
>and domain part from another address.
>Toomas Aas | toomas.aas at raad.tartu.ee | http://www.raad.tartu.ee/~toomas/
>* A preposition is a bad thing to end a sentence with.
>To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
>rc5-digest subscribers replace rc5 with rc5-digest
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest
More information about the rc5