While researching the header for the following email, it was traced as
originating from an IP address of 158.147.93.56 through use of a Hotmail
account. This being an IP in a netblock owned by Harris Communications,
I would personally anticipate that something be done to handle this
abusive user. It does not reflect well upon Harris Corporation and is
certainly not behavior that is to be tolerated on this mailing list.
I may be contacted through the following information.
Marty Hillman, IT Director
Tech-Pro, Inc.
3000 Centre Pointe Drive
Roseville, MN 55113-1122
(651) 634-1409 Direct
(651) 634-1499 Fax
[EMAIL PROTECTED]
Originating email with all headers follows:
_______________
Microsoft Mail Internet Headers Version 2.0
Received: from py-out-1314.google.com ([64.233.166.172]) by
mail.tech-pro.com with Microsoft SMTPSVC(6.0.3790.1830);
Wed, 20 Sep 2006 11:44:39 -0500
Received: by py-out-1314.google.com with SMTP id c60so1679380pyc
for <[EMAIL PROTECTED]>; Wed, 20 Sep 2006 09:44:38 -0700
(PDT)
Received: by 10.35.128.17 with SMTP id f17mr1018571pyn;
Wed, 20 Sep 2006 09:42:37 -0700 (PDT)
Received: by 10.11.54.77 with SMTP id c77gr884cwa;
Wed, 20 Sep 2006 09:42:37 -0700 (PDT)
X-Sender: [EMAIL PROTECTED]
X-Apparently-To: [email protected]
Received: by 10.36.145.2 with SMTP id s2mr4960457nzd; Wed, 20 Sep 2006
09:42:33 -0700 (PDT)
Return-Path: <[EMAIL PROTECTED]>
Received: from bay0-omc2-s33.bay0.hotmail.com
(bay0-omc2-s33.bay0.hotmail.com [65.54.246.169]) by mx.googlegroups.com
with ESMTP id h71si4578487nzf.2006.09.20.09.42.33; Wed, 20 Sep 2006
09:42:33 -0700 (PDT)
Received-SPF: pass (googlegroups.com: domain of [EMAIL PROTECTED]
designates 65.54.246.169 as permitted sender)
Received: from hotmail.com ([207.46.10.97]) by
bay0-omc2-s33.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830);
Wed, 20 Sep 2006 09:42:33 -0700
Received: from mail pickup service by hotmail.com with Microsoft
SMTPSVC; Wed, 20 Sep 2006 09:42:30 -0700
Message-ID: <[EMAIL PROTECTED]>
Received: from 207.46.10.123 by by121fd.bay121.hotmail.msn.com with
HTTP; Wed, 20 Sep 2006 16:42:27 GMT
X-Originating-IP: [158.147.93.56]
X-Originating-Email: [EMAIL PROTECTED]
X-Sender: [EMAIL PROTECTED]
In-Reply-To:
<[EMAIL PROTECTED]>
From: "Javier Vasquez" <[EMAIL PROTECTED]>
To: [email protected]
Bcc:
Subject: [ossec-list] Re: OSSEC Documentation Project
Date: Wed, 20 Sep 2006 12:42:27 -0400
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
X-OriginalArrivalTime: 20 Sep 2006 16:42:30.0265 (UTC)
FILETIME=[C37DCE90:01C6DCD3]
Return-Path: [EMAIL PROTECTED]
Reply-To: [email protected]
Sender: [email protected]
Precedence: bulk
X-Google-Loop: groups
Mailing-List: list [email protected];
contact [EMAIL PROTECTED]
List-Id: <ossec-list.googlegroups.com>
List-Post: <mailto:[email protected]>
List-Help: <mailto:[EMAIL PROTECTED]>
List-Unsubscribe: <http://googlegroups.com/group/ossec-list/subscribe>,
<mailto:[EMAIL PROTECTED]>
-----Original Message-----
From: [email protected] [mailto:[EMAIL PROTECTED]
On Behalf Of Javier Vasquez
Sent: Wednesday, September 20, 2006 11:42 AM
To: [email protected]
Subject: [ossec-list] Re: OSSEC Documentation Project
FUCK YOU!!!!!!!!!!
>From: "Daniel Cid" <[EMAIL PROTECTED]>
>Reply-To: [email protected]
>To: [email protected]
>Subject: [ossec-list] Re: OSSEC Documentation Project
>Date: Tue, 19 Sep 2006 23:51:18 -0300
>
>
>Hi Marty,
>
>Great idea and initiative. I hope to see some great suggestions and
>documents
>showing up in the wiki as a result of that :) Some topics that are
>constantly
>asked in the list (or to me personally):
>
>-How to add more log files to be monitored?
>-How to execute a pre-compiled (binary) install of ossec?
>-How to write a new rule/decoder (simple, complex, correlation, etc)?
>
>Thanks,
>
>--
>Daniel B. Cid
>dcid ( at ) ossec.net
>
>
>On 9/18/06, Marty E. Hillman <[EMAIL PROTECTED]> wrote:
>>
>>
>>
>>
>>Unless Daniel slaps my hand for usurping his authority ;-), I would
like
>>to
>>invite people to compile a list of help topics that they would like to
see
>>explained in the wiki. Many of us muddle our way through the
>>configuration
>>issues and find best practices for getting the software to work the
way we
>>want. Many times, it is a recurring issue that should be answered in
the
>>FAQ. We should adequately document the processes so that we can free
>>Daniel
>>to have more development time. It will also keep us from providing
the
>>same
>>answers repeatedly as new people discover the software. Hopefully we
can
>>do
>>that to make configuration easier for everybody.
>>
>>
>>
>>I am willing to contribute as much time as I can to documenting things
I
>>know about (admittedly that is not much). But I am not afraid to
learn
>>either, so if you want to throw me your ideas, I will do my best to
>>provide
>>easy to understand answers. I know that there are others out there
>>willing
>>to do the same and I encourage them to do so.
>>
>>
>>
>>Thoughts? Ideas? Suggestions?
>>
>>
>>
>>
>>
>>This electronic mail (including any attachments) may contain
information
>>that is privileged, confidential, and/or otherwise protected from
>>disclosure
>>to anyone other than its intended recipient(s). Any dissemination or
use
>>of
>>this electronic email or its contents (including any attachments) by
>>persons
>>other than the intended recipient(s) is strictly prohibited. If you
have
>>received this message in error, please notify us immediately by reply
>>email
>>so that we may correct our internal records. Please then delete the
>>original
>>message (including any attachments) in its entirety. Thank you.
This electronic mail (including any attachments) may contain information that
is privileged, confidential, and/or otherwise protected from disclosure to
anyone other than its intended recipient(s). Any dissemination or use of this
electronic email or its contents (including any attachments) by persons other
than the intended recipient(s) is strictly prohibited. If you have received
this message in error, please notify us immediately by reply email so that we
may correct our internal records. Please then delete the original message
(including any attachments) in its entirety. Thank you.
