Results 1 to 2 of 2
Hi all, A friend of mine has a server which now currenty doesn't work because he has been disconnected from the internet by his provider. The reason why i'm asking ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 03-25-2006 #1
- Join Date
- Jan 2006
server sending spam to unexisting emails.
A friend of mine has a server which now currenty doesn't work because he has been disconnected from the internet by his provider. The reason why i'm asking this question. He has a server which he followed the how-to that is on Howtoforge.com with ISPConfig etc. Well, now his server started sending *spam* to not existing email addressing but to existing IP addresses. His provider got a mail from the person who got this spam mail and they disconnected him from the internet. So i'm asking the question for him. Anyway, Could this be spam of some sort ? He is running Debian GNU/Linux Sarge. ClamAV did not find anything, and checking the mail logs didn't result in anything, the IP in question wasn't in the mail log nor we're the e-mail addresses in question in there.
Could there be spyware on the server ? And if so .. with what application should he check for spyware on his debian server?
- 03-27-2006 #2
just a thought: try Chkrootkit and rkhunter to see if you have rootkits.
The spam is probably due to the server having an insecure setup though ....
Start disabling all daemons you aren't using and go through the logs.