On Tue, 18 Sep 2001, Pedro Miller Rabinovitch wrote: > I've inspected the executable code, and it reads like a worm. (doh) > > Has anyone seen this? I just got a readme.exe e-mail to me from a dsl.net IP address a few minutes ago. Odd thing is it sends it's Content-type as audio/x-wav I've added the following to filter it in procmail: :0 B * >50000 * <90000 * ^Content-Type: audio/x-wav; * ^ name="readme.exe" YourVirustrapHere ========================================================== Chris Candreva -- chrisat_private -- (914) 967-7816 WestNet Internet Services of Westchester http://www.westnet.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 09:00:53 PDT