[RC5] Virus alert !

waldo kitty wkitty42 at alltel.net
Fri Oct 11 12:18:14 EDT 2002


yup, did that... and its only passwords for the "outside", as i
understand it... anything you access on the internet (yahoo, lycos,
hotmail, etc) as well as your ISP logon and email password... do you
concur for a w98se box?  yes, NT/2000/XP are a bit different but if no
netbios is allowed to pass to the internet, is it safe without changing
the local passwords, taking into account the same stuff as above?

Scott Dodson wrote:
> 
> On 10-Oct-2002, waldo kitty wrote:
> >
> > you can rely on the TOPmost received line to tell where the mail came
> > from to your mail server... i didn't say anything about the originating
> > machine or user... sorry, yes, maybe "sender" might imply that but that
> > is not what i was attempting to imply... in any case, with bugbear, it
> > uses its own SMTP engine and since it is located on the infected user's
> > machine, guess what info you do have at hand <<wink>>
> >
> > BTW: i surprised one of my old clients yesterday when i called them 5
> > minutes after they deleted a "wierd" email... i called them because
> > their machine had just sent me bugbear... i recognised the name of the
> > machine and the ip number... let's just say that they were very shocked
> > and surprised that i was able to tell that from the email headers...
> > they admitted that their machine was behaving strangly in those last few
> > minutes and i was able to pick up a quick clean up job since they were
> > unable to do anything much with bugbear running...
> 
> Be sure to tell them to make sure none of the passwords associated with
> that machine are valid anymore.  Bugbear captures passwords.  Rather nasty.
> :(
> 
> --
> 
> Scott Dodson            PGP KEY id 0x5F9A9E5E
> sdodson at sdodson.com     sdodson at distributed.net
> --
> To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
> rc5-digest subscribers replace rc5 with rc5-digest

-- 
       _\/
      (@@)                      Waldo Kitty, Waldo's Place USA
__ooO_( )_Ooo_____________________ telnet://bbs.wpusa.dynip.com
_|_____|_____|_____|_____|_____|_____ http://www.wpusa.dynip.com
____|_____|_____|_____|_____|_____|_____ ftp://ftp.wpusa.dynip.com
_|_Eat_SPAM_to_email_me!_YUM!__|_____|_____ wkitty42 (at) alltel.net
--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list