[sdiy] Interesting Email from Jameco -- virus alert
Glen
mclilith at charter.net
Wed Aug 20 15:47:42 CEST 2003
At 09:16 AM 8/20/03 , Hermann Seib wrote:
>This neat virus can fake sender addresses, so there's no way to tell (unless
>you follow the IP addresses) whether it really came from Jameco.
I usually check the "Received:" header for an IP address. Is that header
forge-proof, or nearly so?
I received several of these recent trojans myself, and the vast majority of
mine seemed to come from an IP owned by "Dept. of Veterans Affairs Medical
Center". At least, that's what the IP address in the "Received:" header
pointed to--even though all of the messages had different "From:" headers
and *appeared* to be from different people.
It makes me wonder if someone has been targeting US government sites with
the latest trojan?
By the way, wouldn't "Trojan" be a cool name for a DIY synth? :)
later,
Glen
More information about the Synth-diy
mailing list