Unbeleivable!
#1
Scooby Regular
Thread Starter
Join Date: Jan 2002
Posts: 11,581
Likes: 0
Received 0 Likes
on
0 Posts
Unbeleivable!
I've been regularly getting viruses sent to me, which thankfully my av software has been managing, but I finally had some time to try and figure out where it was coming from and it was all from the same IP address.
So I do a whois at RIPE and find that the IP address belongs to an IT Consultancy firm. I've just sent a lovely e-mail to their MD
So I do a whois at RIPE and find that the IP address belongs to an IT Consultancy firm. I've just sent a lovely e-mail to their MD
#3
Scooby Regular
Join Date: Sep 1999
Location: Bedfordshire
Posts: 4,037
Likes: 0
Received 0 Likes
on
0 Posts
rev,
how do you that? I get loads of virus emails daily now and its getting a joke. Would like to do a little more, its a pity you cant setup rules at isp level so I dont even receive them.
cheers
Gary
how do you that? I get loads of virus emails daily now and its getting a joke. Would like to do a little more, its a pity you cant setup rules at isp level so I dont even receive them.
cheers
Gary
#4
Scooby Regular
Thread Starter
Join Date: Jan 2002
Posts: 11,581
Likes: 0
Received 0 Likes
on
0 Posts
Some ISP's do offer AV screening and anti-spam, but you have to make it so that you can opt in or out (what may be spam to you could be useful to someone else).
For Outlook Users:
Right-click on the offending e-mail and select Options off the menu with the left button.
At the bottom of the dialogue box, is a section marked "Internet Headers". This is where to start looking.
You need the line that says "Received: from [123.456.789.123]" the bit in the square brackets is the IP address. Now, your message may have been bounced from mail server to mail server, so check the date stamps to work out the oldest, which is your starting computer and is the one with the problem.
You can then use various tools to see who owns that IP address (if it's a European IP address, go to www.ripe.net, go to the whois db and put the address in there and it gives the ownership details.
99% of the time the IP address belongs to a large ISP, in which case you could try sending an e-mail to abuse@[isp.name] but I wouldn't hold your breath. On this occasion I got lucky and the address belonged to a small-ish company and there was a contact name listed.
I love IT detective work
For Outlook Users:
Right-click on the offending e-mail and select Options off the menu with the left button.
At the bottom of the dialogue box, is a section marked "Internet Headers". This is where to start looking.
You need the line that says "Received: from [123.456.789.123]" the bit in the square brackets is the IP address. Now, your message may have been bounced from mail server to mail server, so check the date stamps to work out the oldest, which is your starting computer and is the one with the problem.
You can then use various tools to see who owns that IP address (if it's a European IP address, go to www.ripe.net, go to the whois db and put the address in there and it gives the ownership details.
99% of the time the IP address belongs to a large ISP, in which case you could try sending an e-mail to abuse@[isp.name] but I wouldn't hold your breath. On this occasion I got lucky and the address belonged to a small-ish company and there was a contact name listed.
I love IT detective work
#5
MessageLabs - that's the answer. Bl**dy fantastic.
Before anyone asks, no I don't work for them - just been using their service for ~3 yrs now (just after the "I Love You" virus).
Before anyone asks, no I don't work for them - just been using their service for ~3 yrs now (just after the "I Love You" virus).
Thread
Thread Starter
Forum
Replies
Last Post