On Thu, 14 Jul 2016 10:37:32 -0400 Alvin Starr <[email protected]> wrote: <snip snip> > >> Tue, 12 Jul 2016 19:59:59 -0400 Yahoo! Inc. 8 > >> Tue, 12 Jul 2016 15:22:56 -0400 CheatCodes.com 13 > >> Wed, 13 Jul 2016 19:59:59 -0400 google.com 785 > >> Wed, 13 Jul 2016 14:49:03 -0400 CheatCodes.com 3 > >> So about cheatcodes.com. > > hmm, looks like this could be a fake reverse zone for a private ip > > on your home pvt network? > > If you look at my headers I have a pvt range setup with a inaddr to > > cow.co.za :) - my DMARC would report "cow.co.za" on the sec gw > > 192.168. - otherwise you could have malware, either way - you should > > have fun figuring it out :) > DMARC reports the sending IP. and in my case the sending ip is my > firewall. That is what got me going.
in the report it's just a name - it can be anything - even "hello world" like mine is cow... i just had a thought... cheatcodes.com - do you have a teenager / gamer in the house :) oh, and btw - how are you blocking the outgoing ports? in theory you/malware/teenager/? would be opening example port 34912 (r high) --> 25 (or whatever) > I know it cannot be my laptop because that runs Linux and we all know > that is impervious to hacks. > OOPS. My android phones also run Linux(of sorts)... > Possibly its time to re-evaluate this belief. > i would still choose a hardened *nix/bsd over anything else any day > > > > > > --- Talk Mailing List [email protected] https://gtalug.org/mailman/listinfo/talk
