Solved

W32.Beagle@mm!zip virus

Posted on 2004-09-15
5
505 Views
Last Modified: 2010-05-18
Someone who works for our company keeps getting emails that have the virus W32.Beagle@mm!zip.
In the header it says
Received: from SAXP03.com (unknown [217.154.145.67])
As I understand it the return sender is spoofed so this does me no good. Is there a way to find out what ISP owns this IP address.

Thanks,
DMS
0
Comment
Question by:DMS-X
  • 2
  • 2
5 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12066070
Hello DMS-X =)

Have u read here abt this worm >> http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle@mm!zip.html
:-?
0
 
LVL 23

Accepted Solution

by:
Justin Durrant earned 500 total points
ID: 12066074
Hi DMS-X,


According to whois:

Country: UNITED KINGDOM


% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html

inetnum:      217.154.145.64 - 217.154.145.71
netname:      MISTRAL-ADSL-COMMERCIAL-AEROSPACE
descr:        ADSL: Commercial Aerospace Services Co. Limited
country:      GB
admin-c:      BE325-RIPE
tech-c:       MH14860-RIPE
status:       ASSIGNED PA
mnt-by:       MISTRALNOC
changed:     ***********@mistral.co.uk 20030919
source:       RIPE

route:        217.154.0.0/16
descr:        MISTRAL-ROUTE-217.154
descr:        Original Mistral Block 3
descr:        ALLOCATED PA Space do not break up
origin:       AS8897
mnt-by:       MISTRALNOC
changed:     ********@mistral.net 20021230
source:       RIPE

role:         Mistral Hostmaster
address:      Mistral Internet Group Limited
address:      5th Floor, Tower Point, 44 North Road
address:      Brighton
address:      East Sussex
address:      UK
address:      BN1 1YR
phone:        +44 1273 747432
fax-no:       +44 1273 747452
e-mail:      ***********@mistral.co.uk
trouble:      Information: http://www.mistral.co.uk/
trouble:      Questions? ******************@mistral.co.uk
trouble:      Problems? *************@mistral.co.uk
admin-c:      MH14860-RIPE
admin-c:      DE1266-RIPE
admin-c:      PE2639-RIPE
tech-c:       MH14860-RIPE
tech-c:       DE1266-RIPE
tech-c:       PE2639-RIPE
nic-hdl:      MH14860-RIPE
notify:      ************@ripe.net
mnt-by:       MISTRALNOC
changed:     ****@mistral.co.uk 20000525
changed:     ****@mistral.co.uk 20000526
changed:     ********@mistral.co.uk 20020716
changed:     *****@mistral.net 20030523
source:       RIPE

person:       Brenda Eastaff
address:      Commercial Aerospace Services Co. Limited
address:      Aviation Centre    Star Estate
address:      Partridge Green
address:      West Sussex
address:      RH13 8RA
phone:        +441403 711444
e-mail:      *******@casco.arero
nic-hdl:      BE325-RIPE
mnt-by:       MISTRALNOC
changed:     ***********@mistral.co.uk 20030919
source:       RIPE



JJ
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12066087
0
 
LVL 1

Author Comment

by:DMS-X
ID: 12066361
All of the other whois databases I tried came back empty. I will remember this one.

Thanks!
0
 
LVL 23

Expert Comment

by:Justin Durrant
ID: 12066384
No Prob
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now