[mythtv-users] List scraping and viruses
tim at litwiller.net
Tue Jan 27 17:18:46 EST 2004
So if you have windows machine on your network run this from a virtual terminal on your mythtv
changing the 192.168.0-128.* to match your networks ip structure and it will tell you if it find a compromised machine. If you have a squid proxy server it will show that since it defaults to port 3128 but you can ignore that match.
nmap -v -p 3127-3198 192.168.0-128.* -oG nmap.txt > /dev/null && cat nmap.txt | grep open
Jarod C. Wilson wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>So far today, I've already got a DSN message saying something I supposedly
>sent (forged headers, of course) to mdz was rejected, along with a message
>claiming to be from bjm (also forged headers). Either someone(s) on the list
>has an infected Windows host, or there's some scraping of the list for email
>addresses going on...
>This is one nasty bugger. My virus proxy filter has already stripped out
>something like 80 messages in the first half of the day... Everyone please
>double-check that your systems haven't been compromised (surprise, surprise,
>the virus only infects Windows).
>Jarod C. Wilson, RHCE
>Got a question? Read this first...
>MythTV, Fedora Core & ATrpms documentation:
>MythTV Searchable Mailing List Archive
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.4 (GNU/Linux)
>-----END PGP SIGNATURE-----
>mythtv-users mailing list
>mythtv-users at mythtv.org
More information about the mythtv-users