Re: Tracking SirCam

From: Gary Flynn (flynngnat_private)
Date: Wed Jul 25 2001 - 13:31:25 PDT

    Peter Krawczyk wrote:
    > 
    > In the header of the message, everything looks dynamic, and so tracking it
    > seems to be hard.  However, there is a slip -- the Date: header actually
    > appears as 'date:'.
    
    Sorry I haven't kept up with this one. This message seems to be saying
    the virus engineers its own SMTP header.
    
    Is the FROM: information correct?
    
    -------------------------
    Gary Flynn
    Security Engineer - Technical Services
    James Madison University
    
    Please R.U.N.S.A.F.E.
    http://www.jmu.edu/computing/info-security/engineering/runsafe.shtml
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Wed Jul 25 2001 - 15:30:37 PDT