I discovered something on the latest submission
to our list. I set up the list so that I'm the only
one to get the messages.. This hack may not
need shell or root access. It may be a majordomo
hole... All the messages sent appear to come from
"owner-..." So perhaps they hacked the list password...
Anywhay here is part of the header.
Can I assume he/she is using a compaq and connected
using 162.39.57.35 I did a lookup:
Central Telephone Co. in LittleRock AR USA.
Am I on the right track?
-Bob
Delivered-To: rocon-rocnet:com-zzztgn@rocnet.com
From: owner-thebulletin@greatestnetworker.com
Received: from compaq ([162.39.57.35])
by www.greatestnetworker.com (8.9.3/8.9.3) with SMTP id RAA00783
for ; Tue, 6 Feb 2001 17:08:03 -0500
Date: Tue, 6 Feb 2001 17:08:03 -0500
Message-Id: <200102062208.RAA00783@www.greatestnetworker.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="--VEXAFWTYJCTE7WTAB"
Subject: [The Bulletin:07] Message for thebulletin
Sender: owner-thebulletin@greatestnetworker.com
Precedence: bulk
Reply-To: owner-thebulletin@greatestnetworker.com
X-UIDL: 3Y`!!'
