Re: Bounce e-mails

If SoBig is similar to most of the past viruses, they use the from address
from somebody in the victim's Outlook address book. This way you can't
trace who it's coming from. The best bet is to look at the IP address it
came from. You can then find out which ISP it came from. By notifying the
ISP of the email date, time, and IP they can determine who sent it.
Normen Strobel
They aren't from you, unless you are infected. The latest viruses have their own SMTP software and can pluck addresses from all over an infected person's system and then build a message from those addresses. Someone that has your email address on their system is infected and the virus is using your address as a "From" address.
Jim
James Beck
Not being very computer literate I won't say what is or is not, but this is a true experience. I have always had Norton on this computer. About 6 months ago, AOL shut me down. They gave me a phone number and I made a call. Seems there was some kind of plant in my computer to send out all kinds of email from my computer via a *trojan horse.* Regular Norton had not caught such a plant. Well after a short bit that all got cleared up and I downloaded another system of International Internet Security. Every so often it alerts me to the fact that backdoor entry was attempted but blocked. Good thing is that I can trace the isp numbers right to not only the ISP but right to the source. Bad thing it sometimes screws over something I want to do.
I have had hits from all over the Far East, Korea, Thailand, etc., etc. San Francisco, Seattle, DCA, Germany and Los Angeles. This computer age may be the greatest thing, however I could live without it.
I no longer keep any significant financial numbers in my data bases. I don't know and ain't gonna' *larn* enough to protect all that stuff electronically. Jus' keep it in the house where it is protected by a whole lot of big-hole makers.
CainHD
Yes. So many, in fact, that the blizzard of bounce messages is creating problems almost as big as the Sobig virus itself.
Yes.
Sobig uses fake From: addresses when it mails itself out. Because of that, bounce messages go to the wrong person.
They aren't.
If someone gets a copy of Sobig from snipped-for-privacy@bar.com, the one thing you can be sure of is it did *not* originate from snipped-for-privacy@bar.com. Unfortunately, antivirus autoresponders are too dumb to know that, and will cheerfully send a message to poor foo, who has no idea what's going on.
Tacit
The SoBig virus is a PITA. Before I figured out how to stop it, I received about 300 messages, some from people incorrectly telling me that I was sending it out. I used Spamcop to break down one of the emails and extracted the originating IP address.
The program even put a name with the address and it was a simple matter to notify the network admin of that site. In this particular case, all 300 copies of this virus were coming from the same source, a wireless network with a high speed connection to the 'net. The owner had no clue his systems were infected.
Good Luck
Bill
me
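The header check that Normen Strobel's and Bill's posts describe (ignore the From: line, find the IP that connected to your mail server, and report it with the date and time), as an added example that is not part of the thread. The sample message, the host names and the trusted relay range are constructed assumptions.

```python
import email
import ipaddress
import re

# Constructed sample: a worm-sent message with a forged From: line. Hosts and
# addresses are made up; 192.0.2.0/28 stands in for the recipient's mail servers.
SAMPLE = """\
Received: from mx1.isp.example (mx1.isp.example [192.0.2.10])
\tby mailstore.isp.example with ESMTP; Thu, 21 Aug 2003 10:15:02 -0400
Received: from LAPTOP (dsl-host.other.example [198.51.100.77])
\tby mx1.isp.example with SMTP; Thu, 21 Aug 2003 10:15:00 -0400
Received: from forged.invalid ([203.0.113.5])
\tby LAPTOP; Thu, 21 Aug 2003 10:14:00 -0400
From: victim@bar.example
To: someone@isp.example
Subject: Re: Details

See the attached file for details
"""

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def originating_hop(raw_message, trusted_nets):
    """Return the IP and timestamp of the host that handed the message
    to the recipient's own mail servers; From: is never consulted."""
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    msg = email.message_from_string(raw_message)
    # Each relay prepends its Received: line, so the newest is first.
    for header in msg.get_all("Received", []):
        sender_part = re.split(r"\sby\s", header, maxsplit=1)[0]
        found = BRACKETED_IP.search(sender_part)
        if not found:
            continue
        try:
            ip = ipaddress.ip_address(found.group(1))
        except ValueError:  # e.g. [999.1.1.1] in a malformed header
            continue
        if any(ip in net for net in nets):
            continue  # internal hop between our own servers
        # First outside host seen by a server we trust. Lines below this
        # one were supplied by the sender and may be fabricated.
        stamp = header.rsplit(";", 1)[-1].strip()
        return {"ip": str(ip), "received_at": stamp}
    return None


if __name__ == "__main__":
    print(originating_hop(SAMPLE, ["192.0.2.0/28"]))
```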
Yea, Red. It's the virus. It grabs your screen name from an infected user's mailbox and replicates it. Not much you can do about it.
Dr.1 Driver "There's a Hun in the sun!"
Dr1Driver
Took a long time to hit you Red.
Yup. What happens is that someone who knows you gets infected, and the worm sends pretending to be you (or anyone else on the infected address list).
Then loads of messages that are to people he put in wrong, or have ceased to exist, or whose systems have virus scanners are bounced back to YOU.
With luck, your system will bounce these as having virus messages, and you end up with an internet full of bouncing e-mails, whilst the ones that do get through infect other people's systems and cause even more mayhem.
Neat trick huh?
The Natural Philosopher
The best thing to do is ditch Outlook Express on YOUR system, and use something like a NAT proxy firewall to the 'net. It won't stop you being bombarded with other people's bounces, but at least you won't get infected yourself, if you run a decent antivirus and keep it up to date.
The Natural Philosopher
Don't know how much it helps, but I have 'mailwasher' as a screener between the servers and my mailbox. It is trainable and I can create filters to get rid of addresses and domains..... so far, it has eased the spam problem noticeably. And right now, I'll get 25 messages which it gleans down to about 5 (which are legit), so it is kicking out 80% of the messages that normally would hit my inbox..... and it does it with a click of the button, or has an automatic setting... I think it works pretty well.
arnereil
I hope they make an example of the creep! And when they get him, go after the sobig SOB.
Red S.
Red Scholefield
Most all resources spent on developing computers have gone into making them convenient, fun, and very useful. The lack of resources spent up front by hardware and software developers is coming back to bite them in the butt. Us too!
Bob
Bob Adkins
Using good e-mail and AV programs helps prevent you from infecting others.
Using a little Freeware called "Sobig Stopper" catches 99.9% of the ones sent to you. It catches them at the server, and kills them. It keeps stats. I have gotten as many as 300 per day. 2 friends got 600 and 1200 in 24 hours.
Bob
Bob Adkins
I am using NAV Corporate and Outpost Pro. No virus has got through since installing these. It stops over 10,000 port scans and hack attempts a day.
Shame is, most people have no idea how many times their computer is scanned while online! I should post the last 10 minutes of port scans attempted and shock most of you!
Paul McIntosh
It looks like they found an 18-year-old nerd who modified the virus and resent it. I don't think they found the original virus writer. Either way I see jail time as a good punishment.
Normen Strobel
I got a better idea! How about sitting him at a terminal and fixing everything that he harmed! A few decades doing mundane data work should cure him!
Paul McIntosh
With his tongue!
> I look at more like making a tagger clean all the spray paint off all the
> walls in a rival gang's turf!
>
> --
> Paul McIntosh
> Desert Sky Model Aviation
>
> > That's like turning a bank robber in to a security guard. Probably not a
> > good idea.
> >
> > --
> > Normen Strobel
> > snipped-for-privacy@zoominternet.nospam.net
> >
> > > I got a better idea! How about sitting him at a terminal and fixing
> > > everything that he harmed! A few decades doing mundane data work should
> > > cure him!
> > >
> > > --
> > > Paul McIntosh
> > > Desert Sky Model Aviation
> > >
> > > > It looks like they found an 18-year-old nerd who modified the virus and
> > > > resent it. I don't think they found the original virus writer. Either
> > > > way I see jail time as a good punishment.
> > > >
> > > > --
> > > > Normen Strobel
> > > > snipped-for-privacy@zoominternet.nospam.net
> > > >
> > > > > Looks like they are going to make an arrest on the Blaster worm case.
> > > > > I hope they put the guy in a cell, then about fifty other inmates pull
> > > > > down his pants and line up behind him and put more pipe up his ass
> > > > > than is in the Alaska pipeline, each one of them saying "Blast this!" ;>)
> > > > >
> > > > > > Is anyone else getting a lot of e-mail bounce notices for messages
> > > > > > sent to people you never heard of seemingly from your address? Is
> > > > > > this just some of the fallout from the soBig virus? All of these
> > > > > > have attachments that were part of the soBig mailings. I've checked
> > > > > > my system with Norton and nothing suggests that these are coming
> > > > > > from my computer.
> > > > > >
> > > > > > Red S.
Six_O'Clock_High
