Re: virus' on the list
On Wed, 27 Aug 2003 00:20:55 -0400,
amg <ph33rful@optonline.net> wrote in message
<[🔎] 20030827002055.61231a11.ph33rful@optonline.net>:
> Hello all,
>
> Being relatively new to the whole mailing-list scene I have a question
> about the linux mailing-list scene actually (actually part of a
> mailing list in my windows days).
>
> While browsing my inbox, which I only do every several days, I notice
> messages from places such as "info@winram.com" (this was recently, I
> received (or it was sent?) it: 03.08.28).
>
> I am wondering what this is. Did someone send a virus/worm/whatever to
> debian-user@lists.debian.org? Is info@winram a security company
> protecting us happy debian users from such a horrible thing? Is this a
> common thing (have seen before, but can't remember where/when)? Did
> "info@winram.com" mistakingly judge a "normal/safe" message as a
> threat to our security, and in the end, choose to inform us about the
> potential threat?
>
> I am not afraid of receiving a virus through this list (I could be
> blind to the danger I don't know about). I never open an attachment
> from anyone. I am under the impression this is a good thing. (Hint:
> maybe you could tell me otherwise :))
>
> This isn't an important question, so don't rack your brains. I am
> simply curious of what it all means.
>
> Anything on the matter would be helpful, and greately appreciated.
>
> afterthought: while on the windows mailing-list, I never received
> anything closely related to a "virus warning", which is why I ask the
> question now, instead of my pre-Linux days.
..something on the matter: ;-)
arnt@a45:~$ jwhois winram.com
[Querying whois.internic.net]
[Redirected to whois.dotster.com]
[Querying whois.dotster.com]
[whois.dotster.com]
The data contained in the WHOIS database, while
believed by the company to be reliable, is provided "as is",
with no guarantee or warranties regarding its accuracy. This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose, including, but not
limited to, allowing or making possible dissemination or
collection of this data in part or in its entirety for any
purpose, such as the transmission of unsolicited advertising and
solicitations, is expressly forbidden without the prior written
permission of this company. By submitting an inquiry, you agree
to these terms of usage and limitations of warranty.
Please limit your queries to 10 per minute and one connection.
Registrant:
Ken Hopkins
vancouver
vancouver, bc v6h1r5
CA
Registrar: DOTSTER
Domain Name: WINRAM.COM
Created on: 15-JUN-97
Expires on: 14-JUN-04
Last Updated on: 10-APR-03
Administrative, Technical Contact:
Hopkins, Ken khopkins@intersoft.ca
vancouver
vancouver, bc v6h1r5
CA
6048017007
Domain servers in listed order:
NS1.CLGRAB.GROUPTELECOM.NET
NS2.TOROON.GROUPTELECOM.NET
NS1.CYBEK.COM
End of Whois Information
arnt@a45:~$ dig winram.com
; <<>> DiG 9.2.1 <<>> winram.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58250
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 2
;; QUESTION SECTION:
;winram.com. IN A
;; ANSWER SECTION:
winram.com. 86400 IN A 209.17.173.149
;; AUTHORITY SECTION:
winram.com. 86400 IN NS ns.cg.sfl.net.
winram.com. 86400 IN NS ns.mt.sfl.net.
winram.com. 86400 IN NS
ns1.clgrab.grouptelecom.net.
winram.com. 86400 IN NS
ns2.toroon.grouptelecom.net.
;; ADDITIONAL SECTION:
ns1.clgrab.grouptelecom.net. 172798 IN A 139.142.2.3
ns2.toroon.grouptelecom.net. 172798 IN A 209.135.99.3
;; Query time: 2383 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Aug 27 07:28:49 2003
;; MSG SIZE rcvd: 186
arnt@a45:~$ dig -x 209.17.173.149
; <<>> DiG 9.2.1 <<>> -x 209.17.173.149
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33899
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;149.173.17.209.in-addr.arpa. IN PTR
;; ANSWER SECTION:
149.173.17.209.in-addr.arpa. 86400 IN PTR
h209-17-173.gtconnect.net.
;; AUTHORITY SECTION:
173.17.209.in-addr.arpa. 86400 IN NS ns.cg.sfl.net.
173.17.209.in-addr.arpa. 86400 IN NS ns.mt.sfl.net.
;; Query time: 254 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Aug 27 07:30:19 2003
;; MSG SIZE rcvd: 128
arnt@a45:~$
..draw your own conclusions. ;-)
--
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.
Reply to: