To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- I remember from old uucp days that empty emails are the result of buffer overflows.
They tricked me to believe 216.154.231.123 was our primary mailer. So they tried to get in, between our primary and secondary. If that is'nt a hack - what is? Kind regards Peter and Karin Dambier Adriel T. Desautels wrote: > Why would you even jump to such assumptions anyway? Since when does an empty > email mean that you are being hacked? > > > On 3/24/07 6:35 PM, "Peter Dambier" <[EMAIL PROTECTED]> wrote: > > >>To report a botnet PRIVATELY please email: [EMAIL PROTECTED] >>---------- >>Sorry for the noise, >> >>this one is to blame, not the DoD >> >> >>Received: from unknown (HELO 216.154.231.123) (216.154.231.123) >> >>SBC Internet Services SBCIS-SIS80 (NET-216-154-224-0-1) >> 216.154.224.0 - 216.154.255.255 >>TAD Online SBC216154231000020130 (NET-216-154-231-0-1) >> 216.154.231.0 - 216.154.231.127 >> >>Seen more spam from that address. >> >> >>Kind regards >>Peter and Karin >> >> >> >>Peter Dambier wrote: >> >>>Hi all, >>> >>>I come from seeing three empty emails, sent via mx3.memor.net >>> >>>is DoD trying to hack the Cesidian Root? >>> >>> >>>Kind regards >>>Peter and Karin Dambier >>> >>> >>>-------- Original Message -------- >>>From: - Sat Mar 24 12:56:28 2007 >>>X-UIDL: hikwc3np6lj0umr5 >>>X-Mozilla-Status: 0001 >>>X-Mozilla-Status2: 00000000 >>>Received: from [212.97.45.53] by mx3.memor.net >>>~ (ArGoSoft Mail Server Pro for WinNT/2000/XP, Version 1.8 >>>(1.8.8.9)); >>>~ Sat, 24 Mar 2007 12:35:42 +0100 >>>Received: from [216.154.231.123] by mx3.memor.net with SMTP (HELO >>>216.154.231.123) >>>~ (ArGoSoft Mail Server Pro for WinNT/2000/XP, Version 1.8 >>>(1.8.8.9)); >>>~ Sat, 24 Mar 2007 12:35:41 +0100 >>>Message-ID: <[EMAIL PROTECTED]> >>>Date: Sat, 24 Mar 2007 12:35:41 +0100 >>>Reply-To: [EMAIL PROTECTED] >>> >>>Received: from 30.48.99.246 by ; Sat, 24 Mar 2007 16:36:17 +0400 >>>Message-ID: <I[20 >>> >>>OrgName: DoD Network Information Center >>>OrgID: DNIC >>>Address: 3990 E. Broad Street >>>City: Columbus >>>StateProv: OH >>>PostalCode: 43218 >>>Country: US >>> >>>NetRange: 30.0.0.0 - 30.255.255.255 >>>CIDR: 30.0.0.0/8 >>>NetName: ARPAX25-TEMP >>>NetHandle: NET-30-0-0-0-1 >>>Parent: >>>NetType: Direct Allocation >>>Comment: Defense Information Systems Agency >>>Comment: Washington, DC 20305-2000 US >>>RegDate: >>>Updated: 2002-10-07 >>> >>>OrgTechHandle: MIL-HSTMST-ARIN >>>OrgTechName: Network DoD >>>OrgTechPhone: +1-800-365-3642 >>>OrgTechEmail: [EMAIL PROTECTED] >>> >>> >>>-------- Original Message -------- >>>From: - Sat Mar 24 16:48:47 2007 >>>X-UIDL: clntq5knqshfcns5 >>>X-Mozilla-Status: 0001 >>>X-Mozilla-Status2: 00000000 >>>Received: from [212.97.45.53] by mx3.memor.net >>>~ (ArGoSoft Mail Server Pro for WinNT/2000/XP, Version 1.8 >>>(1.8.8.9)); >>>~ Sat, 24 Mar 2007 16:33:25 +0100 >>>Received: from [216.154.231.123] by mx3.memor.net with SMTP (HELO >>>216.154.231.123) >>>~ (ArGoSoft Mail Server Pro for WinNT/2000/XP, Version 1.8 >>>(1.8.8.9)); >>>~ Sat, 24 Mar 2007 16:33:25 +0100 >>>Message-ID: <[EMAIL PROTECTED]> >>>Date: Sat, 24 Mar 2007 16:33:25 +0100 >>>Reply-To: [EMAIL PROTECTED] >>> >>>Received: from 136.152.245.48 by ; Sat, 24 Mar 2007 22:29:00 +0600 >>>Message-ID: <P[20 >>> >>>OrgName: University of California at Berkeley >>>OrgID: UCAB-1 >>>Address: IST Communication and Network Services >>>Address: ATTN Network Services Group >>>Address: 2484 Shattuck Ave, #1640 >>>City: Berkeley >>>StateProv: CA >>>PostalCode: 94720-1640 >>>Country: US >>> >>>NetRange: 136.152.0.0 - 136.152.255.255 >>>CIDR: 136.152.0.0/16 >>>NetName: UCB-TELECOM >>>NetHandle: NET-136-152-0-0-1 >>>Parent: NET-136-0-0-0-0 >>>NetType: Direct Assignment >>>NameServer: ADNS1.BERKELEY.EDU >>>NameServer: ADNS2.BERKELEY.EDU >>>NameServer: UCB-NS.NYU.EDU >>>Comment: DMCA Designated Agent is Jacqueline Craig >>><[EMAIL PROTECTED]> >>>RegDate: 1991-03-06 >>>Updated: 2003-06-23 >>> >>>RTechHandle: UCB-NOC-ARIN >>>RTechName: IST Communication and Network Services >>>RTechPhone: +1-510-643-3267 >>>RTechEmail: [EMAIL PROTECTED] >>> >>>OrgTechHandle: UCB-NOC-ARIN >>>OrgTechName: IST Communication and Network Services >>>OrgTechPhone: +1-510-643-3267 >>>OrgTechEmail: [EMAIL PROTECTED] >>> >>> >>>-------- Original Message -------- >>>From: - Sat Mar 24 19:29:39 2007 >>>X-UIDL: ptlmlsreb3nrw0ee >>>X-Mozilla-Status: 0001 >>>X-Mozilla-Status2: 00000000 >>>Received: from [212.97.45.53] by mx3.memor.net >>>~ (ArGoSoft Mail Server Pro for WinNT/2000/XP, Version 1.8 >>>(1.8.8.9)); >>>~ Sat, 24 Mar 2007 19:10:52 +0100 >>>Received: from [216.154.231.123] by mx3.memor.net with SMTP (HELO >>>216.154.231.123) >>>~ (ArGoSoft Mail Server Pro for WinNT/2000/XP, Version 1.8 >>>(1.8.8.9)); >>>~ Sat, 24 Mar 2007 19:10:52 +0100 >>>Message-ID: <[EMAIL PROTECTED]> >>>Date: Sat, 24 Mar 2007 19:10:52 +0100 >>>Reply-To: [EMAIL PROTECTED] >>> >>>Received: from 140.17.144.151 by ; Sat, 24 Mar 2007 22:08:27 +0300 >>>Message-ID: <M[20 >>> >>>OrgName: DoD Network Information Center >>>OrgID: DNIC >>>Address: 3990 E. Broad Street >>>City: Columbus >>>StateProv: OH >>>PostalCode: 43218 >>>Country: US >>> >>>NetRange: 140.17.0.0 - 140.17.255.255 >>>CIDR: 140.17.0.0/16 >>>NetName: SUM-LETT-6 >>>NetHandle: NET-140-17-0-0-1 >>>Parent: NET-140-0-0-0-0 >>>NetType: Direct Assignment >>>Comment: Defense Information Systems Agency >>>Comment: Attn: Code DDEH/B611 >>>Comment: Washington, DC 20305-2000 US >>>RegDate: 1990-04-08 >>>Updated: 1991-07-18 >>> >>>RTechHandle: AJC5-ARIN >>>RTechName: Tso, Ann J. >>>RTechPhone: +1-703-735-3131 >>>RTechEmail: [EMAIL PROTECTED] >>> >>>OrgTechHandle: MIL-HSTMST-ARIN >>>OrgTechName: Network DoD >>>OrgTechPhone: +1-800-365-3642 >>>OrgTechEmail: [EMAIL PROTECTED] >>> >>> >>> >>>-- >>>Peter and Karin Dambier >>>Cesidian Root - Radice Cesidiana >>>Rimbacher Strasse 16 >>>D-69509 Moerlenbach-Bonsweiher >>>+49(6209)795-816 (Telekom) >>>+49(6252)750-308 (VoIP: sipgate.de) >>>mail: [EMAIL PROTECTED] >>>mail: [EMAIL PROTECTED] >>>http://iason.site.voila.fr/ >>>https://sourceforge.net/projects/iason/ >>>http://www.cesidianroot.com/ > > -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Rimbacher Strasse 16 D-69509 Moerlenbach-Bonsweiher +49(6209)795-816 (Telekom) +49(6252)750-308 (VoIP: sipgate.de) mail: [EMAIL PROTECTED] mail: [EMAIL PROTECTED] http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/ http://www.cesidianroot.com/ _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
