Solved

W32.Beagle@mm!zip virus

Posted on 2004-09-15
5
510 Views
Last Modified: 2010-05-18
Someone who works for our company keeps getting emails that have the virus W32.Beagle@mm!zip.
In the header it says
Received: from SAXP03.com (unknown [217.154.145.67])
As I understand it the return sender is spoofed so this does me no good. Is there a way to find out what ISP owns this IP address.

Thanks,
DMS
0
Comment
Question by:DMS-X
  • 2
  • 2
5 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12066070
Hello DMS-X =)

Have u read here abt this worm >> http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle@mm!zip.html
:-?
0
 
LVL 23

Accepted Solution

by:
Justin Durrant earned 500 total points
ID: 12066074
Hi DMS-X,


According to whois:

Country: UNITED KINGDOM


% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html

inetnum:      217.154.145.64 - 217.154.145.71
netname:      MISTRAL-ADSL-COMMERCIAL-AEROSPACE
descr:        ADSL: Commercial Aerospace Services Co. Limited
country:      GB
admin-c:      BE325-RIPE
tech-c:       MH14860-RIPE
status:       ASSIGNED PA
mnt-by:       MISTRALNOC
changed:     ***********@mistral.co.uk 20030919
source:       RIPE

route:        217.154.0.0/16
descr:        MISTRAL-ROUTE-217.154
descr:        Original Mistral Block 3
descr:        ALLOCATED PA Space do not break up
origin:       AS8897
mnt-by:       MISTRALNOC
changed:     ********@mistral.net 20021230
source:       RIPE

role:         Mistral Hostmaster
address:      Mistral Internet Group Limited
address:      5th Floor, Tower Point, 44 North Road
address:      Brighton
address:      East Sussex
address:      UK
address:      BN1 1YR
phone:        +44 1273 747432
fax-no:       +44 1273 747452
e-mail:      ***********@mistral.co.uk
trouble:      Information: http://www.mistral.co.uk/
trouble:      Questions? ******************@mistral.co.uk
trouble:      Problems? *************@mistral.co.uk
admin-c:      MH14860-RIPE
admin-c:      DE1266-RIPE
admin-c:      PE2639-RIPE
tech-c:       MH14860-RIPE
tech-c:       DE1266-RIPE
tech-c:       PE2639-RIPE
nic-hdl:      MH14860-RIPE
notify:      ************@ripe.net
mnt-by:       MISTRALNOC
changed:     ****@mistral.co.uk 20000525
changed:     ****@mistral.co.uk 20000526
changed:     ********@mistral.co.uk 20020716
changed:     *****@mistral.net 20030523
source:       RIPE

person:       Brenda Eastaff
address:      Commercial Aerospace Services Co. Limited
address:      Aviation Centre    Star Estate
address:      Partridge Green
address:      West Sussex
address:      RH13 8RA
phone:        +441403 711444
e-mail:      *******@casco.arero
nic-hdl:      BE325-RIPE
mnt-by:       MISTRALNOC
changed:     ***********@mistral.co.uk 20030919
source:       RIPE



JJ
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12066087
0
 
LVL 1

Author Comment

by:DMS-X
ID: 12066361
All of the other whois databases I tried came back empty. I will remember this one.

Thanks!
0
 
LVL 23

Expert Comment

by:Justin Durrant
ID: 12066384
No Prob
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question