[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Emails being sent from my network

Langdon Green skrev:

>   Hi guys, I am having a bit of trouble with some dodgy emails getting
> sent to my friend...they are strange, not just normal spam, the emails
> have information that is from my company web site (hosted off
> site) Anyway, the header of the emails has this line: Received: from
> Wzk ([MYIP]) by out.somewhere.net Does this indicate a computer on my
> network has be hacked, and is emailing this? I am running a debian
> router with an ipchains firewall, on a small masqueraded home network,
> with a debian file server running samba. I have had a look on the
> router for anything suspicious, but there is just too many things it
> could be.  I am in the process of making a new router that will have
> IDS installed (I know I know, but I was in a rush:) Any
> Ideas? Langdon

Without having the opportunity to look at a complete message with full
headers, I can't say for sure.
It spells virus to me if you have something attached to the mesage as
well. If someone on the inside of your network
are using MS products and doesn't have functional virus protection,
updated of course, then it's very likely they
will catch eMailviruses.

The security guy at our place put it.
"Not having an updated virus protection on a Windoze box today, is like
trying to cure human flue by eating popcorn."


To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: