Re: netbot'd ?
On Fri, Feb 02, 2007 at 03:02:18PM -0600, Hugo Vanwoerkom wrote:
> Hi,
>
> What do you call having been infected by a program that sends thousands
> of emails out without you knowing it.?
>
> Anyway I received via my ISP's email server several emails that claimed
> my box sent out thousands of emails over the weekend.
>
> It asked me to open + execute an attached file for an explanation of how
> to avoid it. (Which I did not)
>
> Several things were fishy:
> 1. The notes were in English and the ISP is Mexican and the userid
> Mexican, so why the English?
> 2. The box is firewalled and chkrootkit 0.47 detects noting.
> 3. This is a dialup account, so the IP changes all the time.
> 4. I have tleds installed and I notice no undue activity, but the system
> runs unattended often.
>
> But it brings up an interesting question:
>
> How would you find out if this was the case?
>
Exim logs?
Reply to:
- References:
- netbot'd ?
- From: Hugo Vanwoerkom <hvw59601@care2.com>