[comp.virus] Beware of some virus researchers

ddavidso@suna.mqcc.mq.oz.au (Dean Davidson) (10/06/90)

It started with:

>From: Don Sheffer <dgpickering@rose.uwaterloo.ca>
>To: ddavidso@sunc.mqcc.mq.oz.au
>
>Greetings from Canada!
>
>Some time ago you mentioned being hit by the "1022" or fellowship virus.
>We would be interested in obtaining a copy for research purposes, and
>also to track the infection rate of this new virus. If you could send
>us a specimen and information about number of PC's infected, spread rate,
>etc., it would be much appreciated.
>
>Thanks in advance!
>
>=====================================================================
>Don Sheffer, University of Waterloo Virus Response Team
>=====================================================================

I was a bit wary as his name was different to his account name so I
answered him:

> Sorry Don,
>
> No doubt you are genuine but I have no means of knowing!
> If you are known to either John McAfee or Fridrik Skulason you
> should ask them, as they have copies.
>
> I am afraid that our university policy is only to distribute to
> people who we know.

The mail bounced with:

>    ----- Transcript of session follows -----
> While talking to rose.uwaterloo.ca:
> >>> RCPT To:<dgpickering@rose.uwaterloo.ca>
> <<< 550-<dgpickering@rose.uwaterloo.ca>...
>  User exists, but cannot receive mail -- please check with postmaster

I then mailed the transcript to postmaster@rose with the following note:

> This is a bit of a worry.
> I received the following from a Mr Sheffer
> who as you can see purports to belong to the
> "University of Waterloo Virus Response Team"
>
> I was a bit suspicious as the sender was
> dgpickering@rose, different to his name, but I replied in any case.
> As you can see the mail bounced - "User exists but cannot receive mail"
>
> Is this person Don Sheffer genuine?  Note that he wants a virus!

Guy Middleton (the postmaster@rose) then replied:

>The message you received can be generated for a number of reasons.  The user
>in this instance is scheduled for deletion (probably because he is an
>undergrad, and away from campus until January at the earliest).

>We don't approve of people using other people's logins -- I imagine that Don
>Sheffer either borrowed it or broke in.

>There is no such thing as the "University of Waterloo Virus Response Team".

In summary:
1. Beware of genuine sounding people who want viruses for research
2. Beware of Don Sheffer
3. Beware of [employees!] of the University of Waterloo Virus Response Team

_____________________________________________________________________________
Dean Davidson                                 ddavidso@suna.mqcc.mq.oz.au
User Support                                  Phone 61 2 805 7436
Macquarie University                          Fax   61 2 805 7433
NSW 2109 Australia                            VK2 ZID

ingoldsb@uunet.UU.NET (Terry Ingoldsby) (10/15/90)

ddavidso@suna.mqcc.mq.oz.au (Dean Davidson) writes:
> It started with:
>
> >From: Don Sheffer <dgpickering@rose.uwaterloo.ca>
> >To: ddavidso@sunc.mqcc.mq.oz.au
> >
> >Greetings from Canada!
> >
> >Some time ago you mentioned being hit by the "1022" or fellowship virus.
> >We would be interested in obtaining a copy for research purposes, and
> >also to track the infection rate of this new virus. If you could send
..
> >Don Sheffer, University of Waterloo Virus Response Team
..
>
> I was a bit wary as his name was different to his account name so I
> answered him:
>
> The mail bounced with:
> > While talking to rose.uwaterloo.ca:
> > >>> RCPT To:<dgpickering@rose.uwaterloo.ca>

This guy seems to have been quite busy!  I got a similar message, but from
a different account name:

   Greetings from Ontario!

   A couple of months ago you mentioned having experienced an outbreak of
   Yankee Doodle virus.  Do you still need help with this?  If so, I would
   be more than happy to send any and all info I have concerning this
   virus, ....
   Also, if you could send us a specimen for research purposes ....

The account name used in this attempt was "Matthew D. Harding"
(rose.waterloo.edu!mdharding).  I wondered why someone who alleged to have
a good knowledge on ways to stop the YD virus would want a copy, but unlike
Dean Davidson, didn't ever follow up (but neither did I reply to Sheffer).

It is evident that we have to be alert to this sort of abuse of the network.
I am very concerned about this sort of thing because Usenet is a sensitive
issue around here (a security conscious organization).

--
  Terry Ingoldsby                ctycal!ingoldsb@calgary.UUCP
  Land Information Services                 or
  The City of Calgary       ...{alberta,ubc-cs,utai}!calgary!ctycal!ingoldsb