[sane-devel] Binary (worm/virus?) mails claiming to come from

Ulrich Deiters ukd@xenon.pc.Uni-Koeln.DE
Wed, 3 Apr 2002 09:46:18 +0200 (METDST)

... off-topic, but important, so I don't mind discussing that on this

We (U. of Cologne) have been attacked by various means over the last months:
- Someone abused an anonymous FTP server for swapping MP3 files. That
  was not harmful in itself, but used up bandwidth and caused "partition
  full" errors. It stopped when I replaced some MP3 files by symbolic
  links to /dev/zero and removed the writing permissions to the ftp directory.   
  It seems that some people, or perhaps even robots, are scanning the Internet
  for free storage capacity.
- We have *LOTS* of attempts to abuse our machines as mail relays.
- Recently there are lots of e-mails with a cleverly concealed executable
  which overwrites the dialer information in modem-connected PCs with
  expensive telephone numbers. The executable is not really a worm or
  virus, but even so fairly widespread because the originators use automated
  scripts to generate thousands of e-mail accounts with wanadoo.fr, yahoo.com,
  gmx.de, etc., mail as much of their junk as possible, and close the
Best regards,

Ulrich Deiters