NANFA-- f.y.i. on the klez virus

Russell_McGraw_at_palmercay.com
Wed, 8 Jan 2003 08:01:41 -0500

klez has the ability to "spoof" the return addresses so just 'cause it
looks like it's from person A, it could be from person B..
_________
from the symantec web site:

This worm searches the Windows address book, the ICQ database, and local
files for email addresses. The worm sends an email message to these
addresses with itself as an attachment. The worm contains its own SMTP
engine and attempts to guess at available SMTP servers. For example, if the
worm encounters the address user_at_abc123.com it will attempt to send email
via the server smtp.abc123.com.

The subject line, message bodies, and attachment file names are random. The