|
|
|
|
ÀÚÀ¯Åä·Ð
|
KOPSA e-mail¿¡´Â ¹ÙÀÌ·¯½º°¡ ¾ø½À´Ï´Ù |
|
|
±Û¾´ÀÌ : kopsa
³¯Â¥ : 02-09-01 00:07
Á¶È¸ : 5746
|
|
|
KOPSA e-mail¿¡´Â ¹ÙÀÌ·¯½º°¡ ¾ø½À´Ï´Ù
========== 2004³â 1¿ù 29ÀÏ Ãß°¡ÇÕ´Ï´Ù.
¾Æ·¡¿Í °°Àº ¸ÞÀÏÀ» ¹Þ¾Ò´Âµ¥ ÀÌ ¸ÞÀÏÀ» º¸³½ ÀûÀÌ ¾øÀ¸¸ç
¶ÇÇÑ "KOPSA e-mail¿¡´Â ¹ÙÀÌ·¯½º°¡ ¾ø´Ù"´Â »ç½ÇÀ» ¾Ë·Áµå¸³´Ï´Ù.
........... Àü¼ÛÇϽŠÀüÀÚ¿ìÆíÀÇ Ã·ºÎÆÄÀÏ¿¡¼ ¹ÙÀÌ·¯½º°¡ ¹ß°ßµÇ¾ú½À´Ï´Ù.
±ÍÇÏÀÇ ÀüÀÚ¿ìÆíÀº ¼ö½ÅÀÚ¿¡°Ô Àü´ÞµÇÁö ¾Ê¾ÒÀ¸´Ï ¹ÙÀÌ·¯½º¸¦ Á¦°ÅÇÏ½ÅµÚ ´Ù½Ã º¸³»Áֽñ⠹ٶø´Ï´Ù.
¹ß½ÅÀÚ: dir@kopsa.or.kr ¼ö½ÅÀÚ: alice@sch.ac.kr Á¦¸ñ: Test
¹ÙÀÌ·¯½ºÀ̸§: Win32/MyDoom.worm.22528 on document.scr
================
¿À·¡ Àü ÀÏÀÌÁö¸¸ ´©±º°¡ °¹Ú»ç ¸ÞÀÏÀ» ¹ß¼Ûó·Î ÇÏ¿© ½ºÆÔÀ» ¹ß¼ÛÇÏ¿© °ÅÀýÇÏ´Â ¸ÞÀϵéÀÌ ÀÌ°÷À¸·Î µµÂøÇÏ´Â ÀÏÀÌ »ý±â±âµµ Çß½À´Ï´Ù. »çÀ̹ö °æ Âûû¿¡ ½Å°í¸¦ ÇßÁö¸¸ ÇØ°áÃ¥Àº ¾ø½À´Ï´Ù.
¿äÁîÀ½ ¹ÙÀÌ·¯½º ¸ÞÀϵµ ÀÏÁÖÀÏÀÌ¸é ¸î ȸ°¡ ¿É´Ï´Ù. ´©±º°¡ °¹Ú»ç ¸ÞÀÏ ÁÖ¼Ò¸¦ °¡Áö°í ÀÖ´Â °÷ÀÌ ¹ÙÀÌ·¯½º¿¡ °¨¿°µÇ¾î ½ºÅ©·¥ºíµÇ¾î °è¼Ó ¹ÙÀÌ¾î ½º ¸ÞÀÏÀÌ ¿À´Â °Í °°½À´Ï´Ù.
¹æ±Ý °¹Ú»ç°¡ º¸³½ °ÍÀ¸·Î ³ªÅ¸³ ¼°´ëÇÐÀ¸·Î ¹ß¼ÛµÈ ¸ÞÀÏ¿¡ ¹ÙÀÌ·¯½º °¡ °¨¿°µÆ´Ù´Â ÀÚµ¿ ¸ÞÀÏÀÌ µµÂøÇß½À´Ï´Ù. °¹Ú»ç´Â ±×·± ¸ÞÀÏÀ» º¸³½ Àû ÀÌ ¾ø½À´Ï´Ù. À§¿Í ¸¶Âù°¡Áö Çö»óÀÎ °Í °°½À´Ï´Ù.
±×·¯³ª ´©±º°¡ °íÀÇÀûÀ¸·Î ¹ÙÀÌ·¯½º ¸ÞÀÏÀ» º¸³»°í ±× Áß¿¡´Â °¹Ú»çÀÇ ÁÖ ¼Ò¸¦ °¡Áø ¹ÙÀÌ·¯½º ¸ÞÀÏÀ» º¸³¾ °¡´É¼ºµµ ÀÖ½À´Ï´Ù. ÀÌ·± ÀÏÀÌ À̹ø¿¡ CSICOP¿¡¼ ÀϾ´Âµ¥, ¾Æ·¡ °ü·Ã ³»¿ëÀ» ÷ºÎÇß½À´Ï´Ù.
°¹Ú»çµµ ±× ¸ÞÀÏÀ» ¹Þ¾ÒÀ¸³ª ¹é½Å ÇÁ·Î±×·¥ÀÌ Àâ¾Æ³Â½À´Ï´Ù. ¿©ÇÏÆ° KOPSA e-mail¿¡´Â ¹ÙÀÌ·¯½º°¡ ¾ø´Ù´Â »ç½ÇÀ» ¾Ë·Áµå¸®°íÀÚ ÇÕ´Ï´Ù. ÀÌ°÷ À» ¹ß¼Ûó·Î ÇÑ ¹ÙÀÌ·¯½º ¸ÞÀÏÀÌ ¹è´ÞµÇ¸é ¾Ë·Á Áֽñ⠹ٶø´Ï´Ù. °¨»çÇÕ ´Ï´Ù.
----- Original Message ----- From: <postmaster> To: <dir@kopsa.or.kr> Sent: 2002³â 8¿ù 27ÀÏ È¿äÀÏ ¿ÀÈÄ 3:27 Subject: InterScan NT Alert
Sender, InterScan has detected virus(es) in your e-mail attachment. Date: Tue, 27 Aug 2002 15:27:10 +0900 Method: Mail From: <dir@kopsa.or.kr> To: hoonbok@ccs.sogang.ac.kr File: snoopy.exe Action: clean failed - deleted Virus: WORM_KLEZ.H
............................... Hi, Barry
I thought you might like to know that actually, no real "hacking" needed to find place. Most list servers will accept any mail with the valid sender address. However, changing the sender address of any email you send is dead easy. Your email client most likely have a setting that you can change to anything you like. To demonstrate how it works, this mail is sent with SkeptInq as the sender address (I kept my real email address as the "Reply-To" address, so any reply will go to me directly). So, not much faith can be placed in the email address of the sender of an email.
The reason I am writing this email is that there is indeed a lot of bunk thinking going on with regard to the Internet. As a computer professional, I personally find this kind of nonsense to be particularly annoying, much like a physicist will be offended by talk about "microleptons". A well-known fact with computer professionals is that there is actually no security mechanisms in place to verify the sender of email (unless you take special precausions), but there ARE various ways of tracing the real origin of an email. For example, the mail containing the virus was sent from a subscriber of someone called "Optimum Online (Cablevision Systems)". They look rather obscure, but here is their technical contact, anyhow:
TechPhone: +1-516-393-3281 TechEmail: hostmaster@cv.net
This person is the right instance to report this occurrence of Abuse to. Their web page is at http://www.cablevision.com/. If you forward the offending to hostmaster@cv.net, they might revoke this particular users contract, or even choose to report him to the police.
In short, neither the list, nor your email was hacked. The only thing that happened was that some vandal decided to randomly target this list. I recommend you file a complaint either to abuse@aol.com or to hostmaster@cv.net.
I though you also might like to know that the ONLY way that you can verify the sender of an email is by cryptographic signatures (see for example http://www.howstuffworks.com/question571.htm). The ironic thing is that cryptographic technology is the only thing that might save us as Internet vandals are becoming more clever, but on the other hand, the US government is talking about a restriction on crypto laws again. There are many uses of crypto that cannot be meaningfully used by terrorist to hide their actions, but only one that can. The infrastructure Internet is currently extremely susceptible to random acts of vandalism and yes, terrorism, and the only thing that will ever keep it safe is if crypto gets used more.
I hope you will excuse the blatant use of your email address as the sender of this email. A point like this is most clearly illustrated by an dramatic (?) example. I would like to tell you how to repeat the "trick" on your computer, but I do not know how to use your email client program (AOL 7.0, right?).
Let me know if I can be of assistance in this matter.
Sincerely, ~Johannes Brodwall johannes@brodwall.com
----- Original Message ----- From: "Barry Karr" <SkeptInq@aol.com> To: <CSICOP-ANNOUNCE@LISTSERV.AOL.COM> Sent: August 26, 2002 15:12 Subject: DO NOT OPEN!! - 1999 PBS Online and WGBH - CSICOP List
A virus loaded e-mail was sent out to the CSICOP announcement list allegedly from the Skeptinq@aol.com address (my e-mail address). I did not send out this message, and it did not originate from my machine. It seems either my e-mail or the list was hacked.
The title of the message is "1999 PBS Online and WGBH." It comes with an attached file, but do not even click on the message. I have been told that the virus can download just by clicking on the e-mail itself without downloading the attached file.
Barry Karr CSICOP ....................................
[ÀÌ °Ô½Ã¹°Àº kopsa´Ô¿¡ ÀÇÇØ 2007-12-08 22:14:48 °øÁö»çÇ׿¡¼ À̵¿ µÊ]
|
|
|
|
|