[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: netbot'd ?

On Fri, Feb 02, 2007 at 03:02:18PM -0600, Hugo Vanwoerkom wrote:
> Hi,
> What do you call having been infected by a program that sends thousands 
> of emails out without you knowing it.?
> Anyway I received via my ISP's email server several emails that claimed 
> my box sent out thousands of emails over the weekend.
> It asked me to open + execute an attached file for an explanation of how 
> to avoid it. (Which I did not)
> Several things were fishy:
> 1. The notes were in English and the ISP is Mexican and the userid 
> Mexican, so why the English?
> 2. The box is firewalled and chkrootkit 0.47 detects noting.
> 3. This is a dialup account, so the IP changes all the time.
> 4. I have tleds installed and I notice no undue activity, but the system 
> runs unattended often.
> But it brings up an interesting question:
> How would you find out if this was the case?

Exim logs?

Reply to: