[Dshield] [DShield] Need Help - Or Advise
mwydra1 at comcast.net
Fri Aug 19 00:41:32 GMT 2005
First - THANK-YOU to whoever it was that posted the warning about the "Osama Bin Laden Captured" hoax. Someone sent me the damn thing today and no - I didn't open the attachment. I also received another one called "The Post Office," which also has an attachment, and looks fishy.
I don't have a spare machine set up that I could run these things on (and see what they are) but if someone else wants the honors, I can forward. What I need help/advise on is this: I think I know how to determine the originating IP from the headers. In these two cases, it appears that both e-mails came out of Europe (Both went through the Netherlands). Am I correct that the VERY first "received" line is the senders IP addy? Thanks for any answers. I know you guys are busy with the current patch crisis.
More information about the list