On Tue, 10 Jun 2003, Bryan Fritchie wrote:
> 192.168.*.* are reserved for an internal network.  While an internal network
> can be setup to use any IP address range, I believe this range is guaranteed
> to never be assigned to a "real" network.

Thank you.  And thanks to those who sent sources of online tools.  I was
going to mention samspade.org, which I finally remembered (memory ain't
what it used to be), but Bill Salmon has done that.

Anyway, just fyi, the list isn't distributing the infected email, but the
infected computer/system is doing nasty things with list postings and
subscribers' addresses gleaned from present email inbox/folder/addressbook;
whatever it can latch onto.  Of course, some subscribers think the stuff is
being sent through the list, even though it is obvious that it isn't.
The worm which we seem to be dealing with here, with several possiblly
infected sites (they keep passing it back and forth?), is likely

> a new Bugbear strain; W32.Bugbear.B@mm:
[log in to unmask]" target="_blank">http:[log in to unmask]
>
> I've also been getting hit with W32.Bugbear.B.Dam; which is still wild:
> http://securityresponse.symantec.com/avcenter/venc/dyn/33489.html

Thanks for all the helpful replies.

Douglas Winship
[log in to unmask]