I am also sorry to be posting something not firewall related to
firewalls, however if this hasn't made it here yet it may be of interest.
The ray of hope may be that in more than 350 complaints to me so far there have
been only 3 password files, (all of which were sent back minus passwords to
the user and root at the site with a "never do this" message).
My standard canned reply:
The message was a forgery from a stolen account on helix.net.
The admins at helix.net and the real CERT folks have been notified. As far as
we are aware no account or machines at SFU were involved in this other than
as the target of the forgery.
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada