From: Dr. Jeffrey Race (jrace_at_attglobal.net)
Date: Fri Dec 20 2002 - 22:20:30 EST
On Fri, 20 Dec 2002 09:40:12 -1000, David Ross wrote:
> This is actually an unusual situation, in that with modern worms that
> spoof the email FROM: field one cannot usually identify the infected
> machine.
It was just an accident that I recognized the source: I recognized the
rDNS of the IP address to which I had connected his machine.
Thanks to all for your help. It is KLEZ.H and he is on his way to
a computer shop for disinfection. (He has a PhD and was formerly
chairman of a bank, but as for computers, he is the perfect "point
and drool" user. I do not dare do it myself as the Trend Micro
disinfection routine specifies to modify the Registry. I have never
done this.)
Jeffrey Race