How can I find a computer on my network that is doing mass mailings?

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Alex Ciarlill on Server Fault See other posts from Server Fault or by Alex Ciarlill
Published on 2010-03-16T21:23:22Z Indexed on 2010/03/16 21:31 UTC
Read the original article Hit count: 159

Filed under:
|

I was notified by my isp that one of my machines is sending out spam. This happened about 3 months ago on windows machine running cygwin that was hacked due to an SSH vuln.

The hackers setup IIS and SMTP. I cleared out the machine and all the services are disabled so I think that machine is okay

I am wondering if there is any other way to identify which machine it could be coming from?

The ISP has NO useful information such as source port, destination port, destination IP... nothing.

I am running DD-WRT on my router, Windows 7 PC and a Windows XP PC.

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about smtp

Related posts about spam

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle