[dba-Tech] Viruses coming for several days from 195.167.69.130....

Shamil Salakhetdinov shamil at users.mns.ru
Thu Jun 2 06:37:15 CDT 2005


> Also, send an e-mail to:
> noc at otenet.gr, abuse at otenet.gr, hostmaster at otenet.gr.
> postmaster at otennet.gr

Bryan,

The issue seems to have been solved - this is what I've got today:

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Dear Sir,

Thank you for bringing this matter to our attention.
We inform you that we have tracked down the compromised machine and inform
the network
administrator about the infection.
For any further information or assistance, we are always at your disposal.

Kind regards,
OTEnet Network Abuse

Tηλ: 801-11-35555 (Αστική Χρέωση)
Fax: +30 210-6779990
E-mail: abuse at otenet.gr
Visit: http://www.otenet.gr/hd/HTML/abuse.htm
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Thank you,
Shamil

----- Original Message ----- 
From: "Bryan Carbonnell" <carbonnb at gmail.com>
To: "Discussion of Hardware and Software issues"
<dba-tech at databaseadvisors.com>
Sent: Monday, May 30, 2005 8:36 PM
Subject: Re: [dba-Tech] Viruses coming for several days from
195.167.69.130....


> On 5/30/05, Shamil Salakhetdinov <shamil at users.mns.ru> wrote:
> > Hi All,
> >
> > I'm getting W32.Mydoom.BT at mm viruses for several days from
195.167.69.130.
> >
> > The virus sender's e-mail address is simulating my provider's
"services":
> > admin at mns.ru, service at mns.ru etc.
> >
> > What are the most effective ways to stop these viruses sending?
>
> If you can filter it at the server level, then that's the best way.
>
> Failing that, contact you ISP, and send them the received header lines
> from a couple of the virii, and ask them to block the IP.
>
> Also, send an e-mail to:
> noc at otenet.gr, abuse at otenet.gr, hostmaster at otenet.gr.
postmaster at otennet.gr
> with a few of the received headers as well and ask them to contact
> thier client and inform them that they are sending out virii. Also ask
> them if they could block this person until they have cleaned the virri
> from their PC.
>
> I have done this before and it has worked. Just make sure that you
> send the recieved headers so they can trace it back to their system
> and you are polite and non-confrontational.
>
> -- 
> Bryan Carbonnell - carbonnb at gmail.com
> Life's journey is not to arrive at the grave safely in a well
> preserved body, but rather to skid in sideways, totally worn out,
> shouting "What a great ride!"
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com




More information about the dba-Tech mailing list