RE: Virus on the list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I too got an alert from our mail-gateway AV product, for what's it's worth.  But our drakonian approach to deleting attached . E X E 's stopped the infected file from even making it to the desktop. 
 
Cheers! 
 
-----Original Message-----
From: Eucke Warren [mailto:euckew@xxxxxxxxxxxxxxxxxxxxx]
Sent: Monday, January 19, 2004 4:54 PM
To: redhat-list@xxxxxxxxxx
Subject: Virus on the list

Hey, this may be information you already have.....but....
 
My Vexira server just nabbed a message with a worm in it that appears to have originated from the list.  The Worm is Worm/Bagle.B.  I doubt that the other headers are unaltered so I don't know that there's enough information to figure out which of the list members is infected.  Just an FYI.
 
Here is the Alert I received from my milter
 
Message-Id: <esbeqpfmekjyxlvlrmk@xxxxxxxxxx>
 Sender: redhat-list-admin@xxxxxxxxxx
 From: toshi.esumi@xxxxxxxxxx
 To: redhat-list@xxxxxxxxxx
 Date: Mon, 19 Jan 2004 21:35:21 +0000
 Subject: Hi
 Mail-From: <redhat-list-admin@xxxxxxxxxx>
 Rcpt: <euckew@xxxxxxxxxxxxxxxxxxxxx>
 Queue-Id: 23528-799AB1E6
 Status: The mail was not delivered!
--8<--


Log-File:
--8<--
info: extracting attachment 1 to /var/tmp/av-23531-ccE6xT/av-0
       (encoding="8bit", name="(no name)", filename="(no name)")
info: extracting attachment 2 to /var/tmp/av-23531-ccE6xT/av-1
       (encoding="base64", name="qjktyrpf.exe", filename="xgcjkahnf.exe")
checking file "/var/tmp/av-23531-ccE6xT/av-0"
checking file "/var/tmp/av-23531-ccE6xT/av-1"
--8<--

--
 
Eucke Warren
 
Today's quote: "The software package said 'REQUIRES WINDOWS 9X OR BETTER' so I installed Linux"

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]

  Powered by Linux