Help Request: Stopping 'Attack'?
Joel Jaeggli
joelja at darkwing.uoregon.edu
Mon Jan 26 23:57:23 UTC 2004
we run some big mail servers...
Chances are what you're seeing right now is this:
http://www.symantec.com/avcenter/venc/data/w32.novarg.a@mm.html
An actual message sent by it looks like this:
[ The following text is in the "Windows-1252" character set. ]
[ Your display is set for the "ISO-8859-1" character set. ]
[ Some characters may be displayed incorrectly. ]
The message cannot be represented in 7-bit ASCII encoding and has been
sent as
a binary attachment.
[ Part 2, Application/OCTET-STREAM (Name: "dwm.zip") 31KB. ]
[ Cannot display this part. Press "V" then "S" to save in a file. ]
On Mon, 26 Jan 2004, Chris Gray wrote:
>
> I am using FC1 as a mail server and use ClamAV to protect against
> viruses. Clam has killed around 200 emails in the last hour from a
> variety of hosts. Each email contained the Worm.SCO.A virus.
>
> What I need to know is: Is this a DoS or some other kind of concentrated
> attack and - if so - how do I combat it?
>
> Thanks in advance...
>
> Chris Gray
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.567 / Virus Database: 358 - Release Date: 1/24/2004
>
>
>
>
--
--------------------------------------------------------------------------
Joel Jaeggli Unix Consulting joelja at darkwing.uoregon.edu
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
More information about the fedora-list
mailing list