LISTSERV - TECHNET Archives - LISTSERV.IPC.ORG

TECHNET Archives

September 2003

TechNet@IPC.ORG

	LISTSERV Archives
	TECHNET Home
	TECHNET September 2003

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Notices
From:	Brian Ellis <[log in to unmask]>
Reply To:	TechNet E-Mail Forum.
Date:	Wed, 10 Sep 2003 09:07:21 +0300
Content-Type:	text/plain
Parts/Attachments:	text/plain (56 lines)

Werner

This is called spoof addressing and is a pest. The following is an
extract from my latest article for "Microelectronics International":

Another very nasty one of recent date is Sobig.F. This is a complex worm
which not only replicates itself from an infected computer, it installs
its own Trojan Horse. This can be used for any number of nefarious
purposes and can even transmit password information to third parties.
Even worse, it can seek updated versions of itself, so that it can
evolve faster than the anti-virus systems can take care of them. Like
many others, the replication uses multiple spoof ‘From’ addresses, so
that there is no way of knowing the origin, should you be careless
enough as to allow yourself to be infected. Even worse, it can use any
one of a number of ports. Perhaps one of the more obvious manifestations
is that the Trojan Horse transmits the infected site’s IP number which
becomes a “magnet” for spam mail: users apparently received many spams
within a very short space of time, as well as infected attachments. The
worst aspect is that Sobig.F had the fastest propagation rate of any
virus, to date. What is amazing is that even organisations like the
Swiss Federal Railways were taken down for over a day by this beastie."

Brian

Werner Engelmaier wrote:
> Hi,
> Are you all getting all these "failure notice", "Returned mail",
> "Undeliverable message returned to sender", etc. about e-mails I have never sent to
> addresses I have never heard of? This started about 4 or 5 days ago.
>
> Regards,
> Werner Engelmaier
>
> ---------------------------------------------------
> Technet Mail List provided as a service by IPC using LISTSERV 1.8e
> To unsubscribe, send a message to [log in to unmask] with following text in
> the BODY (NOT the subject field): SIGNOFF Technet
> To temporarily halt or (re-start) delivery of Technet send e-mail to [log in to unmask]: SET Technet NOMAIL or (MAIL)
> To receive ONE mailing per day of all the posts: send e-mail to [log in to unmask]: SET Technet Digest
> Search the archives of previous posts at: http://listserv.ipc.org/archives
> Please visit IPC web site http://www.ipc.org/contentpage.asp?Pageid=4.3.16 for additional information, or contact Keach Sasamori at [log in to unmask] or 847-509-9700 ext.5315
> -----------------------------------------------------
>
>

---------------------------------------------------
Technet Mail List provided as a service by IPC using LISTSERV 1.8e
To unsubscribe, send a message to [log in to unmask] with following text in
the BODY (NOT the subject field): SIGNOFF Technet
To temporarily halt or (re-start) delivery of Technet send e-mail to [log in to unmask]: SET Technet NOMAIL or (MAIL)
To receive ONE mailing per day of all the posts: send e-mail to [log in to unmask]: SET Technet Digest
Search the archives of previous posts at: http://listserv.ipc.org/archives
Please visit IPC web site http://www.ipc.org/contentpage.asp?Pageid=4.3.16 for additional information, or contact Keach Sasamori at [log in to unmask] or 847-509-9700 ext.5315
-----------------------------------------------------

ATOM RSS1 RSS2

LISTSERV.IPC.ORG