Track IP address of virus sender's system

Learn the tools you need to track an IP address of a virus sender's system.

Richard Luckett, Learn IT Solution Group LLC

Published: 16 Jan 2006

How can I track the IP address of the virus sender's system?

You can use a tool like Sam Spade to "help" you find the source of the infected item by parsing e-mail headers and performing Who is lookups on the source IP addresses.

The bad news is that it will usually lead to a dead end (unregistered block of IP addresses) or a zombie (Grandpa's unprotected and severely infected machine). Not to say that work won't pay off at all, because now you can filter all mail coming from that IP address. But, you know the downside -- there are bad people that aren't directly involved with these bots. And there are plenty more zombies for the bots to use.

I think as long as you are going to stay connected to the Internet you have to consistently ask yourself: How can I do a better job of preventing the viruses I'm receiving from infecting me?

Do you have comments on this Ask the Expert Q&A? Let us know.

Related information from SearchExchange.com:

Peer Advice: Antivirus programs -- which one do you prefer?

Free Download: EICAR's Antivirus Test File

Resource Center: Virus Protection tips and resources

Dig Deeper on Exchange Server setup and troubleshooting

Silent DDoSer

Microsoft offers bounty in hunt for Rustock spambot operators A $250,000 reward is being offered to anyone who provides new information that results in the identification, arrest and criminal conviction of the cybercriminals behind the Rustock botnet.

bot worm A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself to other computers. A bot worm may be created with the ultimate intention of creating a botnet that functions as a vehicle for the spread of viruses, Trojans and spam... (Continued)

Australian ISP code could defeat new generation of DDoS attacks, says Imperva The Australian Internet Industry Association (IIA) has called on ISPs across the country to adopt a voluntary code of conduct on cyber security.

Security researchers continue hunt for Conficker authors The Conficker botnet remains dormant, but several ongoing investigations are turning up mounting evidence against those responsible for the worm.

Related Q&A from Richard Luckett

Why is there an Outlook folder missing from Outlook Web App?

Some folders in a mailbox on Exchange Server 2013 are not showing up on the folder list in the OWA virtual directory but do appear in other views. Continue Reading

Why won't the Exchange 2013 Edge Transport Server install?

We have a Client Access Server and Mailbox Server on Exchange 2013 and we want to install an Edge Transport role on another machine. I joined the ... Continue Reading

How do I configure Outlook Anywhere for specific external use?

How can I enable Outlook Anywhere to allow internal use for all users and external use for only some users in Exchange 2013? Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Windows Server experts

View all Windows Server questions and answers

SearchServerVirtualization

How to deploy graphics devices using Hyper-V DDA

Admins can map a VM to a GPU with Hyper-V, but they must first complete a few steps, such as prepare the VM and dismount the PCIe...

Learn to integrate VMs and containers in your data center

The VMs vs. containers debate is popular among admins, but integrations of the two technologies have begun to emerge with the ...

Dockerfile commands for containerizing applications

Admins can use Dockerfiles to containerize their applications and ease deployment. They can implement several commands to help ...

SearchCloudComputing

Review these Azure Service Bus best practices

When applications talk, you need to listen. Learn about Microsoft's cloud messaging service, its main features, best practices to...

Instill cloud change management best practices

Automation is essential to change management in the cloud. Discover the best practices that ensure your IT team is in sync and ...

How much cloud does an IT disaster recovery plan need?

It's not easy to get the right mix of traditional and cloud-based DR resources. Here's how to strike a balance between what's ...

SearchSQLServer

SQL Server database design best practices and tips for DBAs

Good database design is a must to meet processing needs in SQL Server systems. In a webinar, consultant Koen Verbeeck offered ...

SQL Server in Azure database choices and what they offer users

SQL Server databases can be moved to the Azure cloud in several different ways. Here's what you'll get from each of the options ...

Using a LEFT OUTER JOIN vs. RIGHT OUTER JOIN in SQL

In this book excerpt, you'll learn LEFT OUTER JOIN vs. RIGHT OUTER JOIN techniques and find various examples for creating SQL ...

SearchEnterpriseDesktop

Microsoft extends Office 365 benefit to nonprofit volunteers

Thursday's announcement extends the company's September offering of 10 free Microsoft 365 Business licenses for nonprofits' ...

Cut through confusion of the digital workspace market

What is a digital workspace, exactly? Find out the definition of this new technology, what it means for the future of end-user ...

Windows 10 issues top list of most read stories for IT pros

IT pros seemed focused on the latest Microsoft OS, based on our most read stories for 2019. That may not come as a surprise, ...

SearchVirtualDesktop

Benefits of virtualization highlighted in top 10 stories of 2019

Based on our top 10 most-read stories of 2019, IT pros sought to learn the benefits of virtualization, as well as the drawbacks, ...

VMware vs. Citrix: VDI security showdown

When it comes to VDI, Citrix and VMware are the two biggest players in the market. But which platform offers more security? Find ...

Understand VDI market shifts from traditional VDI to cloud

As the VDI market shifts to cloud-based VDI and DaaS, it's important to understand the bigger picture. Understand the benefits ...

Track IP address of virus sender's system

Learn the tools you need to track an IP address of a virus sender's system.

Dig Deeper on Exchange Server setup and troubleshooting

Related Q&A from Richard Luckett

Why is there an Outlook folder missing from Outlook Web App?

Why won't the Exchange 2013 Edge Transport Server install?

How do I configure Outlook Anywhere for specific external use?

Have a question for an expert?

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchServerVirtualization

How to deploy graphics devices using Hyper-V DDA

Learn to integrate VMs and containers in your data center

Dockerfile commands for containerizing applications

SearchCloudComputing

Review these Azure Service Bus best practices

Instill cloud change management best practices

How much cloud does an IT disaster recovery plan need?

SearchSQLServer

SQL Server database design best practices and tips for DBAs

SQL Server in Azure database choices and what they offer users

Using a LEFT OUTER JOIN vs. RIGHT OUTER JOIN in SQL

SearchEnterpriseDesktop

Microsoft extends Office 365 benefit to nonprofit volunteers

Cut through confusion of the digital workspace market

Windows 10 issues top list of most read stories for IT pros

SearchVirtualDesktop

Benefits of virtualization highlighted in top 10 stories of 2019

VMware vs. Citrix: VDI security showdown

Understand VDI market shifts from traditional VDI to cloud

Dig Deeper on Exchange Server setup and troubleshooting

Related Q&A from Richard Luckett

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.