Dodge Dakota ForumDodge Dakota PhotosDodgeDakota.net Membership
  Forums   Forum Tools
00:21:09 - 12/20/2024

General Dakota Board
FromMessage
HotRodSRJ
Dodge Dakota
JOIN HERE
 Email

8/28/2003
08:43:19

Subject: Anybody getting Spoofed here?
IP: Logged

Message:
Another member and myself has determined that we have both been getting spoofed thru our email addys being sent out to unknown users and having viruses attached. We did not send these emials and do not have the viruses per se, but either someone here that has emailed us both (hotrodsrj@aolcom and Jason.Fitzgerald@Nypro.com) or the server is acting as our spoofer computer and transmitter?

Anyone else have this problem with emails being sent back to your addy undeliverable or detected with a virus? Commonly you will see the use of the "MAILER-DAEMON" OR Postmaster@server etc.



Mr.Sleepy
Dodge Dakota
JOIN HERE
 Email

8/28/2003
08:47:20

RE: Anybody getting Spoofed here?
IP: Logged

Message:
YES! Its been going on to me for the past week! I get 5 to 8 email "returns" everyday with the description that my mail couldn't be delivered to someone because it has a virus. I don't even know the email addresses that my computer is sending them to! I virus scanned and managed to find over 20 corrupted files and the virus itself! Its called the SOBIG virus and it is a god damn bitch to remove. Load up your virus scanner program and get it off your system if you can! I still am having problems with mine.



Rocket Man
Dodge Dakota
JOIN HERE


8/28/2003
09:39:28

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Same here. At least 5 a day. Sounds like Mr. Sleepy is one of the culprits. I'm sure there are more. If you surf the net, you've gotta have a good virus program, and constantly update the virus definitions.



forexfour
GenIII
 Email User Profile


8/28/2003
09:53:49

RE: Anybody getting Spoofed here?
IP: Logged

Message:
I have been getting it to. I know I do not have the virus but it is clear that it is a Dakota member on some board. I am thinking someone east caost maybe North Carolina just from some of the addy's I have been getting.

I could post all of the people I am getting them from.

Here is what the virus is I believe.

W32.Sobig.F@mm is a mass-mailing, network-aware worm that sends itself to all the email addresses it finds in certain files on your PC. If you receive a message with an attachment with a .pif or .scr extension, we strongly suggest you scan it before downloading. The message may appear to be from someone you know.

Anyone know how to stop getting the messages? I have blocked a lot and it has slowed.



Never late for a Tee time or wheelin with my buddies! Always ready for both!!!

Forexfour's home



rtdkota
R/T
 Email User Profile


8/28/2003
10:02:50

RE: Anybody getting Spoofed here?
IP: Logged

Message:
As a network flunky by day-- I can tell you, if you are running Windows 2000-- you MUST have SP4 on then the patch to block future RPC attacks. After you put on the SP4, then the RPC patch, then the cleaners.


Sam


www.socaldakota.com

Exterminator
Dodge Dakota
JOIN HERE


8/28/2003
10:04:27

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Symantec Removal Tool for Sobig Virus

Mr.Sleepy use the free Symantic(Norton) Sobig removal tool to eradicate the virus from your system, easy to do just follow the instructions on site.





Mr.Sleepy
Dodge Dakota
JOIN HERE
 Email

8/28/2003
10:07:37

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Okay will do.... BTW I got this thing from a email sent to me by some guy who replied to my post on this board. It started happening the very same day I got his email. I don't remember his name though sorry. I'll be able to provide more info when I get home. At work currently.



Exterminator
Dodge Dakota
JOIN HERE


8/28/2003
10:16:45

RE: Anybody getting Spoofed here?
IP: Logged

Message:
4x4 only way is as you are doing block the messages or send a complaint to their ISP or hide your E-mail addy.





Exterminator
Dodge Dakota
JOIN HERE


8/28/2003
10:23:52

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Broadband Reports Security Forum

Lots of good info and advice here for security related matters.



doug4.7
Dodge Dakota
JOIN HERE
 Email

8/28/2003
11:42:04

RE: Anybody getting Spoofed here?
IP: Logged

Message:
The address that is sending the messages that I get on my machine is usually 24.169.215.73. I am not sure who or where that one is, but I am getting LOTS of the Sobig from that address spoofed as someone else.



Mark
Forum Moderator
 User Profile


8/28/2003
11:45:43

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Hey guys, don't feel bad.. I have been logging the ones that I get. In the past 23 hours and 40 minutes I got 558 of them. Its the sobig virus and how they work is that they are sent out from the infected computer to members of the address book on that comptuer. They are made to look like they come from another member of the address book on that same computer. Since people on this board email eachother and have eachother saved in their address book, they are appearing to come from everyone here.

-Mark Hryckiewicz
1993 Sport RC SB 5.2L Auto
DodgeDakotas.com

Mr.Sleepy
Dodge Dakota
JOIN HERE
 Email

8/28/2003
11:48:47

RE: Anybody getting Spoofed here?
IP: Logged

Message:
That doesn't quite add up, since I don't have any of you listed in my address book, and none of the returned emails have addresses that I have ever heard of. For instance, library@dod.gov.... who in the world is that? See what I mean?



Mark
Forum Moderator
 User Profile


8/28/2003
11:51:12

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Somewhere on somebody's address book you are listed. Trust me.

-Mark Hryckiewicz
1993 Sport RC SB 5.2L Auto
DodgeDakotas.com

Mark
Forum Moderator
 User Profile


8/28/2003
11:55:20

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Department of Defense. The libarary part can be taken from somewhere else. Some viruses mix and match while some are just arbitrary. With so many IT professionals unemployed, this is what they do with thier time. I don't think that sobig was started that way. It was a useful program (to someone) that just got out of hand.. or so I hear. I also have been getting two mutations of the virus. One says "Please see the attached file for details." and the other says "See the attached file for details" with no period at the end. You can probably set mail rules in outlook to just dump antying wtih that in teh body to the deleted folder adn you'll never see them again.

-Mark Hryckiewicz
1993 Sport RC SB 5.2L Auto
DodgeDakotas.com

forexfour
GenIII
 Email User Profile


8/28/2003
12:24:18

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Is this what I am looking for where it comes from?

Received: from 24.25.114.194 (EHLO KEITH) (24.25.114.194) by mta134.mail.sc5.yahoo.com with SMTP; Thu, 28 Aug 2003 09:17:43 -0700

That seems to be where they are coming from on mine. They all show this.

Never late for a Tee time or wheelin with my buddies! Always ready for both!!!

Forexfour's home



Exterminator
Dodge Dakota
JOIN HERE


8/28/2003
12:56:52

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Looks to be in the Charlotte,NC area.

24.25.114.194

clt25-114-194.carolina.rr.com

Registrant:
Road Runner HoldCo, LLC (RR6-DOM)
13241 Woodland Park Rd
Herndon, VA 20171
US

Domain Name: RR.COM

Administrative Contact, Technical Contact:
Road Runner (XGUKSSRMIO) abuse@RR.COM
13241 Woodland Park Rd
Herndon, VA 20171
US
703-345-3416 fax: 703-345-3607

Record expires on 30-Sep-2010.
Record created on 20-Aug-2002.
Database last updated on 28-Aug-2003 12:45:39 EDT.

Domain servers in listed order:

DNS1.RR.COM 24.30.200.3
DNS2.RR.COM 24.30.201.3
DNS3.RR.COM 24.30.199.7
DNS4.RR.COM 65.24.0.172



forexfour
GenIII
 Email User Profile


8/28/2003
13:12:45

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Yeah I have seen that Carolina RR before. What does this all mean? I wish I knew how you figured that out and what to do about it.

I have over 70 blocked addresses now.



Never late for a Tee time or wheelin with my buddies! Always ready for both!!!

Forexfour's home



Exterminator
Dodge Dakota
JOIN HERE


8/28/2003
13:19:15

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Sam Spade

Put that link in your favorites for future reference ;-)



Exterminator
Dodge Dakota
JOIN HERE


8/28/2003
13:26:08

RE: Anybody getting Spoofed here?
IP: Logged

Message:
forexfour check if you have exchanged E-mails with anyone with a @carolina.rr.com address. (Time-Warner cable)



forexfour
GenIII
 Email User Profile


8/28/2003
14:52:02

RE: Anybody getting Spoofed here?
IP: Logged

Message:
Ya know, I get a lot of feed back and questions. I do not add anyone but people I know to my book. I delete all e-mails that are just from random people asking questions and opinions.

Time warner = AOL ???

What do I do with the info I know, Anything?

They are slowing to me but I am running out of Addy blocks.

Can I block the IP or something?

Never late for a Tee time or wheelin with my buddies! Always ready for both!!!

Forexfour's home



dak man
Dodge Dakota
JOIN HERE


8/28/2003
15:28:47

RE: Anybody getting Spoofed here?
IP: Logged

Message:
i have the same problem, my yahoo account goes over 100% everyday with this BS



   P 1 Next Page>>


 



Home | Forums | Members | Pictures | Contact Us

This site is in no way affiliated with Chrysler or any of its subsidiaries.