[dba-Tech] Viruses coming for several days from 195.167.69.130....

Shamil Salakhetdinov shamil at users.mns.ru
Mon May 30 10:06:08 CDT 2005


Hi All,

I'm getting W32.Mydoom.BT at mm viruses for several days from 195.167.69.130. 

The virus sender's e-mail address is simulating my provider's "services":
admin at mns.ru, service at mns.ru etc.
 
What are the most effective ways to stop these viruses sending?

Thank you,
Shamil

P.S.:

whois 195.167.69.130
     
% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-proposal-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Note: This output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '195.167.69.0 - 195.167.69.255'

inetnum:      195.167.69.0 - 195.167.69.255
netname:      PROFILE-O
descr:        23 Praxitelous str
descr:        10562 ATHENS
country:      GR
admin-c:      CS1409-RIPE
tech-c:       GS1522-RIPE
status:       ASSIGNED PA
mnt-by:       OTENET-GR-MNT
source:       RIPE # Filtered

person:       Ch Stasinopoulos
address:      23 Praxitelous str
address:      10562 ATHENS
address:      GR
phone:        +30-1-3315060
fax-no:       +30-1-3221268
nic-hdl:      CS1409-RIPE
mnt-by:       OTENET-GR-MNT
source:       RIPE # Filtered

person:       G Stamatopoulos
address:      23 Praxitelous str
address:      10562 ATHENS
address:      GR
phone:        +30-1-3315060
fax-no:       +30-1-3221268
nic-hdl:      GS1522-RIPE
mnt-by:       OTENET-GR-MNT
source:       RIPE # Filtered

% Information related to '195.167.0.0/17AS6799'

route:        195.167.0.0/17
descr:        OTEnet
origin:       AS6799
remarks:      OTEnet S.A. Multiprotocol Backbone & ISP
mnt-by:       OTENET-GR-MNT
source:       RIPE # Filtered
 




More information about the dba-Tech mailing list