How can I find a computer on my network that is doing mass mailings?

Posted by Alex Ciarlill on Super User See other posts from Super User or by Alex Ciarlill
Published on 2010-03-16T21:23:22Z Indexed on 2010/03/17 0:21 UTC
Read the original article Hit count: 363

Filed under:
|

I was notified by my isp that one of my machines is sending out spam. This happened about 3 months ago on windows machine running cygwin that was hacked due to an SSH vuln.

The hackers setup IIS and SMTP. I cleared out the machine and all the services are disabled so I think that machine is okay

I am wondering if there is any other way to identify which machine it could be coming from?

The ISP has NO useful information such as source port, destination port, destination IP... nothing.

I am running DD-WRT on my router, Windows 7 PC and a Windows XP PC.

© Super User or respective owner

Related posts about smtp

Related posts about spam