[Towertalk] Anyone know how to read these headers?
Bob Nielsen
nielsen@oz.net
Fri, 26 Apr 2002 21:35:06 -0700
On Fri, Apr 26, 2002 at 09:23:31PM -0400, Bill Otten wrote:
> With all the discussion on the W32 Klez virii around, there was a suggestion
> to read the headers in order to see where a post might have come from. I
> don't know how to read through all this hieroglyphic header stuff but I
> thought perhaps it might serve as a clue for someone. Might lead to helping
> someone find out if they've a virus in their system, but I'd need some help
> with deciphering.....
> Received: from Fjfidcduy ([68.64.226.171]) by out020.verizon.net
> (InterMail vM.5.01.04.05 201-253-122-122-105-20011231) with SMTP
> id <20020427005426.NUVW1765.out020.verizon.net@Fjfidcduy>
> for <hsz102@psu.edu>; Fri, 26 Apr 2002 19:54:26 -0500
This line shows that it originated from the IP address 68.64.226.171.
$ host 68.64.226.171
Name: pa-steclge-u3-c4a-171.stcgpa.adelphia.net
Address: 68.64.226.171
and a whois search for adelphia.net shows:
Adelphia Communications Corp. (ADELPHIA2-DOM)
Main at Water
Coudersport, PA 16915
US
Domain Name: ADELPHIA.NET
Administrative Contact, Billing Contact:
Scott, Joelle (JSE388) joelle@ADELPHIA.NET
Adelphia Business Solutions
712 North Main Street
Coudersport, PA 16915
888-512-5111 (FAX) 814-274-7370
Technical Contact:
Hostmaster, Adelphia (HA143-ORG) hostmaster@ADELPHIA.NET
Adelphia Communications Corp.
Main at Water Street
Coudersport, PA 16915
US
888-512-5111
Fax- 814-274-0780
73,
Bob N7XY