W32.Beagle@mm!zip virus

Someone who works for our company keeps getting emails that have the virus W32.Beagle@mm!zip.
In the header it says
Received: from SAXP03.com (unknown [217.154.145.67])
As I understand it the return sender is spoofed so this does me no good. Is there a way to find out what ISP owns this IP address.

Thanks,
DMS
LVL 1
DMS-XAsked:
Who is Participating?
 
Justin DurrantSr. Engineer - Windows Server/VirtualizationCommented:
Hi DMS-X,


According to whois:

Country: UNITED KINGDOM


% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html

inetnum:      217.154.145.64 - 217.154.145.71
netname:      MISTRAL-ADSL-COMMERCIAL-AEROSPACE
descr:        ADSL: Commercial Aerospace Services Co. Limited
country:      GB
admin-c:      BE325-RIPE
tech-c:       MH14860-RIPE
status:       ASSIGNED PA
mnt-by:       MISTRALNOC
changed:     ***********@mistral.co.uk 20030919
source:       RIPE

route:        217.154.0.0/16
descr:        MISTRAL-ROUTE-217.154
descr:        Original Mistral Block 3
descr:        ALLOCATED PA Space do not break up
origin:       AS8897
mnt-by:       MISTRALNOC
changed:     ********@mistral.net 20021230
source:       RIPE

role:         Mistral Hostmaster
address:      Mistral Internet Group Limited
address:      5th Floor, Tower Point, 44 North Road
address:      Brighton
address:      East Sussex
address:      UK
address:      BN1 1YR
phone:        +44 1273 747432
fax-no:       +44 1273 747452
e-mail:      ***********@mistral.co.uk
trouble:      Information: http://www.mistral.co.uk/
trouble:      Questions? ******************@mistral.co.uk
trouble:      Problems? *************@mistral.co.uk
admin-c:      MH14860-RIPE
admin-c:      DE1266-RIPE
admin-c:      PE2639-RIPE
tech-c:       MH14860-RIPE
tech-c:       DE1266-RIPE
tech-c:       PE2639-RIPE
nic-hdl:      MH14860-RIPE
notify:      ************@ripe.net
mnt-by:       MISTRALNOC
changed:     ****@mistral.co.uk 20000525
changed:     ****@mistral.co.uk 20000526
changed:     ********@mistral.co.uk 20020716
changed:     *****@mistral.net 20030523
source:       RIPE

person:       Brenda Eastaff
address:      Commercial Aerospace Services Co. Limited
address:      Aviation Centre    Star Estate
address:      Partridge Green
address:      West Sussex
address:      RH13 8RA
phone:        +441403 711444
e-mail:      *******@casco.arero
nic-hdl:      BE325-RIPE
mnt-by:       MISTRALNOC
changed:     ***********@mistral.co.uk 20030919
source:       RIPE



JJ
0
 
SheharyaarSaahilCommented:
Hello DMS-X =)

Have u read here abt this worm >> http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle@mm!zip.html
:-?
0
 
SheharyaarSaahilCommented:
0
 
DMS-XAuthor Commented:
All of the other whois databases I tried came back empty. I will remember this one.

Thanks!
0
 
Justin DurrantSr. Engineer - Windows Server/VirtualizationCommented:
No Prob
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.