Steve,
You are correct . . . it was emailed through a Comcast SMTP
server. Comcast's IP block that contains the specific IP address is
identified as Comcast's "Illinois-14" so I presume the end user (on cable)
is somewhere in the Illinois region.
BTW, I've read other messages in the thread. Comcast is an enormous source
of SPAM and much of it is being spewed by cable and DSL accounts. Other
significant sources that stand out above the rest are CableVision,
RoadRunner, Southwest Bell and Pacific Bell . . . not necessarily in that
order.
I've received a spate of worm laden emails recently containing several of
the recent NetSky and Bagle (aka Beagle) variants. One surprising one was
a BugBear too! Nearly all of them come from high speed (cable/DSL)
accounts which have permanent IP addresses (versus dial-up's dynamically
assigned ones). IMHO several technologies have converged to wreak the more
recent worm havoc:
(a) Rampant growth of high speed cable/DSL for "home" use which means the
vast, vast majority of these users are totally clueless about high-speed
connections (routers, etc.), permanent IP addresses and how to better
secure a permanent connection . . . especially if left *on* 24/7 (which
many do).
(b) Several of the most recent Windoze versions including XP, ME, 2000,
etc., that contain some enormous security problems with how network
"sharing" is set up in them by default, not to mention some other
significant chinks in their security armor that can easily be exploited.
(c) Recent high growth of "wireless" connections to cable/DSL being used
in the home. The vast majority of these devices are unsecured "out of the
box" and can be very easily exploited to gain access to the account and/or
the machine (if left on) by someone with a "sniffer" in the back of a van
parked down the block. At the least, even if there is some basic security
on the router end and a firewall on the machine, the packets are "in the
clear" and can be monitored by automated software for passwords and
financial account data.
A word to the wise:
Firewall, firewall, firewall! Wireless needs to be encrypted and secured
to preclude sereptitious account access. Update, update, update! AV
software needs to be updated twice weekly. The creators of NetSky and
Bagle worms are releasing new variants every couple of days and about half
of the new ones slip under the wire of all past AV software virus signature
files without being detected. Windoze Update should be run no less than
twice a month to plug all the security holes Gates can't seem to prevent up
front and the worm creators keep finding and exploiting. (Not enough time
to do it right, but always time to do it over philosphy at
MicroSloth??? Read the OS software license; there's no guarantee of
suitability, fitness, or anything, including operability or security.)
-- John Lind
At 05:36 PM 4/30/04, you wrote:
>I did not send the message below to the list. Can someone out there take a
>look at the following and see if there's anything there that looks like a
>clue to who on the list might have this virus? Someone on Comcast
>broadband, perhaps?
>
>Steve Troy
The olympus mailinglist olympus@xxxxxxxxxx
To unsubscribe: mailto:olympus-request@xxxxxxxxxx?subject=unsubscribe
To contact the list admins: mailto:olympusadmin@xxxxxxxxxx?subject="Olympus
List Problem"
|