netbot'd ?

Hi,

What do you call having been infected by a program that sends thousandsof emails out without you knowing it.?

Anyway I received via my ISP's email server several emails that claimedmy box sent out thousands of emails over the weekend.

It asked me to open + execute an attached file for an explanation of howto avoid it. (Which I did not)


Several things were fishy:

1. The notes were in English and the ISP is Mexican and the useridMexican, so why the English?

2. The box is firewalled and chkrootkit 0.47 detects noting.
3. This is a dialup account, so the IP changes all the time.

4. I have tleds installed and I notice no undue activity, but the systemruns unattended often.


But it brings up an interesting question:

How would you find out if this was the case?

Hugo

Reply to:

Follow-Ups:
- Re: netbot'd ?
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>
- Re: netbot'd ?
  - From: John Hasler <jhasler@debian.org>
- Re: netbot'd ?
  - From: Carl Fink <carl@finknetwork.com>
- Re: netbot'd ?
  - From: Hugo Vanwoerkom <hvw59601@care2.com>