Date:      Sun, 29 Feb 2004 16:50:34 -0800 (PST)
From:      Julian Elischer <julian@elischer.org>
To:        hackers@freebsd.org
Subject:   SPAM/virii apparently from freeBSD addresses.
Message-ID:  <Pine.BSF.4.21.0402291639340.27862-100000@InterJet.elischer.org>

Somewhere out there there is a ?Virus?/?Hacker?/?Spammer?
getting really annoying..

Take this one for example.. It has a legit FreeBSD From
address of someone I'd read, and a subject line that I've seen before on
this list, and all sorts of other forgery stuff.

>From julian@elischer.org Sun Feb 29 16:29:03 2004 -0800
Status: R
X-Status:
X-Keywords:
Return-Path: <jake@freebsd.org>
Received: from mx2.freebsd.org (mx2.freebsd.org [216.136.204.119])
        by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA49824
        for <julian@elischer.org>; Sun, 29 Feb 2004 16:29:00 -0800 (PST)
From: jake@freebsd.org
Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18])
        by mx2.freebsd.org (Postfix) with ESMTP id A83295576A
        for <julian@elischer.org>; Sun, 29 Feb 2004 16:28:59 -0800 (PST)
        (envelope-from jake@freebsd.org)
Received: by hub.freebsd.org (Postfix)
        id A421316A4CF; Sun, 29 Feb 2004 16:28:59 -0800 (PST)
Delivered-To: julian@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
        by hub.freebsd.org (Postfix) with ESMTP id A10F516A4CE
        for <julian@freebsd.org>; Sun, 29 Feb 2004 16:28:59 -0800 (PST)
Received: from freebsd.org (unknown [210.66.161.77])
        by mx1.FreeBSD.org (Postfix) with SMTP id 419AB43D39
        for <julian@freebsd.org>; Sun, 29 Feb 2004 16:28:50 -0800 (PST)
        (envelope-from jake@freebsd.org)
To: julian@freebsd.org
Subject: stolen
Date: Mon, 1 Mar 2004 08:29:23 +0800
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="04136376"
Message-Id: <20040301002850.419AB43D39@mx1.FreeBSD.org>
[...] (spam deleted)

This damned thing is obviously using a real mail as a template..
The only thing that it hasn't been able to spoof is the
originating IP address.. in Taiwan somewhere.


[InterJet.elischer.org] 346 traceroute 210.66.161.77
traceroute to 210.66.161.77 (210.66.161.77), 30 hops max, 40 byte packets
 1  10.144.192.1 (10.144.192.1)  13.072 ms  10.885 ms  10.212 ms
 2  12.244.97.97 (12.244.97.97)  11.357 ms  9.902 ms  11.117 ms
 3  12.244.67.86 (12.244.67.86)  13.140 ms  23.507 ms  11.977 ms
 4  12.124.35.57 (12.124.35.57)  16.431 ms  25.404 ms  38.147 ms
 5  gbr6-p80.sffca.ip.att.net (12.123.13.154)  20.889 ms  16.106 ms  15.797 ms
 6  tbr2-p013601.sffca.ip.att.net (12.122.11.93)  26.930 ms  15.280 ms  16.038 ms
 7  ggr2-p390.sffca.ip.att.net (12.123.13.194)  14.605 ms  31.905 ms  39.139 ms
 8  p16-0-1-1.r20.plalca01.us.bb.verio.net (129.250.9.73)  21.166 ms  36.620 ms  16.578 ms
 9  xe-0-2-0.r21.plalca01.us.bb.verio.net (129.250.4.231)  24.247 ms  22.128 ms  22.849 ms
10  p64-0-0-0.r21.mlpsca01.us.bb.verio.net (129.250.5.49)  35.048 ms  27.652 ms  24.794 ms
11  p16-6-0-0.r80.mlpsca01.us.bb.verio.net (129.250.3.24)  17.962 ms  18.794 ms  23.245 ms
12  p16-0-2-0.r20.tokyjp01.jp.bb.verio.net (129.250.4.154)  131.523 ms  131.186 ms  139.967 ms
13  ge-0-0-0.r00.tokyjp01.jp.bb.verio.net (129.250.3.121)  152.421 ms  146.529 ms  145.884 ms
14  p4-0-2-0.r00.taiptw01.tw.bb.verio.net (129.250.4.214)  198.825 ms  190.690 ms  185.596 ms
15  ge-0-0-0.a01.taiptw01.tw.ra.verio.net (61.58.32.35)  182.409 ms  184.256 ms  185.005 ms
16  61.58.33.106 (61.58.33.106)  179.527 ms  175.598 ms  182.063 ms
17  R59-169.seed.net.tw (139.175.59.169)  184.325 ms  177.720 ms  176.060 ms
18  R56-210.seed.net.tw (139.175.56.210)  181.436 ms  177.463 ms  176.991 ms
19  R58-178.seed.net.tw (139.175.58.178)  178.742 ms  183.660 ms  179.474 ms
20  sh38-33.seed.net.tw (139.175.38.33)  183.048 ms  181.770 ms  186.065 ms
21  h170-192-72-33.seed.net.tw (192.72.33.170)  189.714 ms  185.537 ms  196.507 ms
22  *^C
[InterJet.elischer.org]
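
The Received chain in the message above can be checked mechanically. The following is an added example, not part of the original e-mail: it walks the Received lines from the newest hop down through relays assumed to stamp truthful headers and returns the hop where the mail entered from outside. The TRUSTED list, the HOP pattern and the function names are assumptions made for this example.

```python
import re
from email import message_from_string

# Received chain copied from the message above (timestamps trimmed); body is constructed.
SAMPLE = """\
Received: from mx2.freebsd.org (mx2.freebsd.org [216.136.204.119])
\tby InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA49824
Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18])
\tby mx2.freebsd.org (Postfix) with ESMTP id A83295576A
Received: by hub.freebsd.org (Postfix)
\tid A421316A4CF
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
\tby hub.freebsd.org (Postfix) with ESMTP id A10F516A4CE
Received: from freebsd.org (unknown [210.66.161.77])
\tby mx1.FreeBSD.org (Postfix) with SMTP id 419AB43D39
From: jake@freebsd.org
To: julian@freebsd.org
Subject: stolen

body
"""

# Assumption: domains whose relays the reader trusts to record the peer honestly.
TRUSTED = ("freebsd.org", "elischer.org")

HOP = re.compile(  # "from HELO (rDNS [IP]) by HOST"; the from-part may be absent
    r"(?:from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[0-9a-fA-F.:]+)\]\)\s+)?"
    r"\bby\s+(?P<by>\S+)")

def trusted(host):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def parse_hops(raw):
    """Return Received hops, newest first, as dicts (helo, rdns, ip, by)."""
    values = message_from_string(raw).get_all("Received", [])
    return [m.groupdict() for m in map(HOP.search, values) if m]

def injection_point(raw):
    """Return the first hop, walking down, that a trusted relay took from outside."""
    for hop in parse_hops(raw):
        if not trusted(hop["by"]):
            return None   # stamped by an unknown host: sender-controlled from here on
        if hop["ip"] and not trusted(hop["rdns"]):
            return hop    # trusted relay recorded a peer it could not name as trusted
    return None

if __name__ == "__main__":
    print(injection_point(SAMPLE))
```

On the sample, the returned hop pairs the HELO name "freebsd.org" with a reverse lookup of "unknown" and the address 210.66.161.77, as recorded by mx1.FreeBSD.org.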