[windows2000] Re: OT - Newbie Packet monitoring question

  • From: "Chris Ruggeri" <cruggeri@xxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Mon, 2 Feb 2004 11:46:44 -0700

Thanks Jim!
 I pretty much figured as much; however, because our clients are all
cops, I had to make some sort of effort to get them some info.....
 1 - that it really is not coming from us...and....hopefully....some
proof to them that just because it says it came from
so-n-so@xxxxxxxxxxxxxx does not mean it is the source of the virus.

Thanks again!

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Kenzig
http://thethin.net
Sent: Monday, February 02, 2004 11:39 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: OT - Newbie Packet monitoring question

So has everyone else in the world. We blocked over 4000 of them. You are
wasting your time trying to chase them down.
JK


-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Chris Ruggeri
Sent: Monday, February 02, 2004 1:31 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] OT - Newbie Packet monitoring question


Hi group,

We have been inundated with e-mails containing the Mydoom virus. I ran
packet monitoring from analogx....so I could see whats coming through. I
know the "address from"  appears to be spoofed...

What I am wondering, is it possible that all the info in the packet is
bogus and I am chasing my tail here.....or would the "Message-ID" info
be pretty reliable as the source and I have something to send to the
ISP? I placed the info I was looking @ below.

Thanks in advance for any input!

Chris

********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts:

  1. Home
  2. windows2000
  3. Archive
  4. 02-2004