Posted: 4/16/2002 12:10:19 PM EDT
Hi all. One of my pastimes is the computer game Diablo 2. Recently, our board has been 'spammed' and its administrator, Morgana, has been plagued by e-mails with viruses attached (I presume). I'm just curious whether there was anyone here (administrators especially) that could offer expertise to help Morgana, our damsel in distress? This is her request:

Apr-16-02, 11:36 AM (CNT) "I need some help please"

I am still receiving a virus attachment via email. If someone can help me trace this one, I would really appreciate it. I will attach the email headers on this post. The virus is called worm_kler.exe

The headers are as follows:

Return-Path:
Delivered-To: morg@d2realm.com
Received: (qmail 18540 invoked from network); 16 Apr 2002 05:00:11 -0000
Received: from unknown (HELO ammis03.alpha-mail.net) (63.164.93.119) by hydrogen.gamesquad.net with SMTP; 16 Apr 2002 05:00:11 -0000
Received: from ammis02.alpha-mail.net (ammis02 <63.164.93.121>) by ammis03.alpha-mail.net (8.11.6/3.7W) with SMTP id g3G4xxF07247 for ; Tue, 16 Apr 2002 13:59:59 +0900
Received: from Hxctsfrh (<210.86.40.42>) by ammpri.alpha-mail.net (8.11.6/3.7W) with SMTP id g3G4x5p00698 for ; Tue, 16 Apr 2002 13:59:06 +0900
Date: Tue, 16 Apr 2002 13:59:06 +0900
Message-Id: <200204160459.g3G4x5p00698@ammpri.alpha-mail.net>
From: support
To: morg@d2realm.com
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPartTM-000-7934850c-7f03-4414-88fd-e896ccf9d1d6"

etc

Anyway, this is posted at D2Realm: http://d2realm.com/cgi-bin/dcforum/dcboard.cgi Thanks... any help would be appreciated!!
Link Posted: 4/16/2002 2:19:39 PM EDT
I have a friend who could use an answer to this as well. He's a gamer getting spammed with email virii. Not sure if this is exactly what you need, but it's an IP tracing tool: [url]http://www.all-nettools.com/tools1.htm[/url]
Link Posted: 4/16/2002 2:40:28 PM EDT
Thanks Metal_Head, I'll copy and paste your lead in her forum. ________________________ If anyone else can help or has possible tips, please post. Thanks all!
Link Posted: 4/16/2002 9:11:31 PM EDT
The IP address 63.164.93.121 belongs to "alpha-mail.net", which is a Japanese ISP. Unless the ISP is helpful, that will probably dead-end the search.
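Reading the Received chain from the headers posted above, as an added example that is not part of the original thread: each mail server prepends its own Received line, so the bottom-most line is the oldest hop, and the hop times should never run backwards. The function names are this example's own, and it assumes only the peer IP recorded by each receiving server counts as evidence, since the name a sender announces is whatever the sender chose.

```python
import re
from datetime import timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Received lines copied from the post above (the stripped "for" addresses stay missing).
RAW_HEADERS = """\
Received: (qmail 18540 invoked from network); 16 Apr 2002 05:00:11 -0000
Received: from unknown (HELO ammis03.alpha-mail.net) (63.164.93.119)
 by hydrogen.gamesquad.net with SMTP; 16 Apr 2002 05:00:11 -0000
Received: from ammis02.alpha-mail.net (ammis02 <63.164.93.121>)
 by ammis03.alpha-mail.net (8.11.6/3.7W) with SMTP id g3G4xxF07247
 for ; Tue, 16 Apr 2002 13:59:59 +0900
Received: from Hxctsfrh (<210.86.40.42>)
 by ammpri.alpha-mail.net (8.11.6/3.7W) with SMTP id g3G4x5p00698
 for ; Tue, 16 Apr 2002 13:59:06 +0900
"""

HOP = re.compile(r"from\s+(?P<name>\S+)\s+(?P<peer>.*?)\s+by\s+(?P<by>\S+)")
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def parse_hops(raw):
    """Return relay hops oldest-first: (name after 'from', peer IP, receiver, UTC time)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        line = " ".join(value.split())          # unfold continuation lines
        match = HOP.search(line)
        if not match:                           # e.g. the local qmail hand-off line
            continue
        ip = IPV4.search(match["peer"])         # address the receiving server recorded
        when = parsedate_to_datetime(line.rsplit(";", 1)[1].strip())
        if when.tzinfo is None:                 # "-0000" parses as naive; treat as UTC
            when = when.replace(tzinfo=timezone.utc)
        hops.append((match["name"], ip.group() if ip else None, match["by"],
                     when.astimezone(timezone.utc)))
    return hops[::-1]                           # headers are prepended, so reverse


def timestamps_consistent(hops):
    """True when no hop is stamped earlier than the hop before it."""
    return all(a[3] <= b[3] for a, b in zip(hops, hops[1:]))


if __name__ == "__main__":
    for name, ip, by, when in parse_hops(RAW_HEADERS):
        print(f"{when:%Y-%m-%d %H:%M:%S}Z  {by} accepted from {ip} (name given: {name})")
```

The first hop in the output is the connection that ammpri.alpha-mail.net accepted from 210.86.40.42; the two later hops are relays handing the message on to the recipient's server.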
Link Posted: 4/22/2002 5:47:49 PM EDT
Thanks 71-Hour_Achmed! I'll relay that info!!!
Link Posted: 4/22/2002 9:09:15 PM EDT
Link Posted: 4/22/2002 9:11:53 PM EDT
[Last Edit: 4/22/2002 9:12:14 PM EDT by Mortech]
[b][size=6][red]LINUX RULZ!!![/red][/size=6][/b]
Link Posted: 4/23/2002 7:40:15 AM EDT
Originally Posted By Mortech: [b][size=6][red]LINUX RULZ!!![/red][/size=6][/b]
Linux does not make you bullet proof. I bet you 1000 bucks I can get root on your box in an hour or less...
Link Posted: 4/23/2002 7:42:39 AM EDT