[ale] test

Bob Toxen bob at verysecurelinux.com
Mon Feb 9 09:19:35 EST 2004

On Fri, Feb 06, 2004 at 09:07:45PM -0500, John Wells wrote:
> On Fri, 2004-02-06 at 19:55, magius at wittsend.com wrote:
> > test

> ...could it be?  Warfield himself infected?!?  Surely a test machine? :)
Yeah, right.  Wanna buy a bridge in Brooklyn?

The faked mail header on that message is:

Received: from wittsend.com ([]) by lakemtao02.cox.net
	(InterMail vM. 201-253-122-130-105-20030824) with ESMTP
	id <20040207005648.ZZWA19763.lakemtao02.cox.net at wittsend.com>
	for <ale at ale.org>; Fri, 6 Feb 2004 19:56:48 -0500

Note that Mike's system, wittsend.com, is not at IP so
the message is faked.

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002

More information about the Ale mailing list