[mythtv-users] List scraping and viruses
Tim Litwiller
tim at litwiller.net
Tue Jan 27 17:18:46 EST 2004
So if you have windows machine on your network run this from a virtual terminal on your mythtv
changing the 192.168.0-128.* to match your networks ip structure and it will tell you if it find a compromised machine. If you have a squid proxy server it will show that since it defaults to port 3128 but you can ignore that match.
nmap -v -p 3127-3198 192.168.0-128.* -oG nmap.txt > /dev/null && cat nmap.txt | grep open
Jarod C. Wilson wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>So far today, I've already got a DSN message saying something I supposedly
>sent (forged headers, of course) to mdz was rejected, along with a message
>claiming to be from bjm (also forged headers). Either someone(s) on the list
>has an infected Windows host, or there's some scraping of the list for email
>addresses going on...
>
>This is one nasty bugger. My virus proxy filter has already stripped out
>something like 80 messages in the first half of the day... Everyone please
>double-check that your systems haven't been compromised (surprise, surprise,
>the virus only infects Windows).
>
>- --
>Jarod C. Wilson, RHCE
>
>Got a question? Read this first...
> http://catb.org/~esr/faqs/smart-questions.html
>MythTV, Fedora Core & ATrpms documentation:
> http://wilsonet.com/mythtv/
>MythTV Searchable Mailing List Archive
> http://www.gossamer-threads.com/archive/MythTV_C2/
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.4 (GNU/Linux)
>
>iD8DBQFAFtMmln8CX+oYdJURAp8QAJ9xA9EPWUduHK5qJo9+k558hHIX5ACgzITR
>htcohSCq2dJS2O6mHjzZUeg=
>=zQp1
>-----END PGP SIGNATURE-----
>
>_______________________________________________
>mythtv-users mailing list
>mythtv-users at mythtv.org
>http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
>
>
>
>
>
More information about the mythtv-users
mailing list