How can I find a computer on my network that is doing mass mailings?
Posted
by Alex Ciarlill
on Super User
See other posts from Super User
or by Alex Ciarlill
Published on 2010-03-16T21:23:22Z
Indexed on
2010/03/17
0:21 UTC
Read the original article
Hit count: 363
I was notified by my isp that one of my machines is sending out spam. This happened about 3 months ago on windows machine running cygwin that was hacked due to an SSH vuln.
The hackers setup IIS and SMTP. I cleared out the machine and all the services are disabled so I think that machine is okay
I am wondering if there is any other way to identify which machine it could be coming from?
The ISP has NO useful information such as source port, destination port, destination IP... nothing.
I am running DD-WRT on my router, Windows 7 PC and a Windows XP PC.
© Super User or respective owner