Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

W32.Beagle@mm!zip virus

Posted on 2004-09-15
5
Medium Priority
?
514 Views
Last Modified: 2010-05-18
Someone who works for our company keeps getting emails that have the virus W32.Beagle@mm!zip.
In the header it says
Received: from SAXP03.com (unknown [217.154.145.67])
As I understand it the return sender is spoofed so this does me no good. Is there a way to find out what ISP owns this IP address.

Thanks,
DMS
0
Comment
Question by:DMS-X
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12066070
Hello DMS-X =)

Have u read here abt this worm >> http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle@mm!zip.html
:-?
0
 
LVL 23

Accepted Solution

by:
Justin Durrant earned 2000 total points
ID: 12066074
Hi DMS-X,


According to whois:

Country: UNITED KINGDOM


% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html

inetnum:      217.154.145.64 - 217.154.145.71
netname:      MISTRAL-ADSL-COMMERCIAL-AEROSPACE
descr:        ADSL: Commercial Aerospace Services Co. Limited
country:      GB
admin-c:      BE325-RIPE
tech-c:       MH14860-RIPE
status:       ASSIGNED PA
mnt-by:       MISTRALNOC
changed:     ***********@mistral.co.uk 20030919
source:       RIPE

route:        217.154.0.0/16
descr:        MISTRAL-ROUTE-217.154
descr:        Original Mistral Block 3
descr:        ALLOCATED PA Space do not break up
origin:       AS8897
mnt-by:       MISTRALNOC
changed:     ********@mistral.net 20021230
source:       RIPE

role:         Mistral Hostmaster
address:      Mistral Internet Group Limited
address:      5th Floor, Tower Point, 44 North Road
address:      Brighton
address:      East Sussex
address:      UK
address:      BN1 1YR
phone:        +44 1273 747432
fax-no:       +44 1273 747452
e-mail:      ***********@mistral.co.uk
trouble:      Information: http://www.mistral.co.uk/
trouble:      Questions? ******************@mistral.co.uk
trouble:      Problems? *************@mistral.co.uk
admin-c:      MH14860-RIPE
admin-c:      DE1266-RIPE
admin-c:      PE2639-RIPE
tech-c:       MH14860-RIPE
tech-c:       DE1266-RIPE
tech-c:       PE2639-RIPE
nic-hdl:      MH14860-RIPE
notify:      ************@ripe.net
mnt-by:       MISTRALNOC
changed:     ****@mistral.co.uk 20000525
changed:     ****@mistral.co.uk 20000526
changed:     ********@mistral.co.uk 20020716
changed:     *****@mistral.net 20030523
source:       RIPE

person:       Brenda Eastaff
address:      Commercial Aerospace Services Co. Limited
address:      Aviation Centre    Star Estate
address:      Partridge Green
address:      West Sussex
address:      RH13 8RA
phone:        +441403 711444
e-mail:      *******@casco.arero
nic-hdl:      BE325-RIPE
mnt-by:       MISTRALNOC
changed:     ***********@mistral.co.uk 20030919
source:       RIPE



JJ
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12066087
0
 
LVL 1

Author Comment

by:DMS-X
ID: 12066361
All of the other whois databases I tried came back empty. I will remember this one.

Thanks!
0
 
LVL 23

Expert Comment

by:Justin Durrant
ID: 12066384
No Prob
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Check out what's been happening in the Experts Exchange community.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question