Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 4 of 4 Posts

·
Registered
Joined
·
148 Posts
Discussion Starter · #1 ·
Hi All.

The IP of my companys network has been blacklisted to what I'm assuming is a trojan that is hijacking my unauthenticated smtp server to send out spam.

The CBL confirms this.

I have had this problem before on a network where the were only 5 computers, making it easy to find the compromised PC, but there are around 60 machines on this network and I'm wondering if there's a way to find which machine is compromised short of physically walking to each PC around our campus...

Trend Micro Worry Free Business Anti-Virus has failed to initially detect/remove/alert me to the virus.

Any Ideas? Please help!
 

·
Registered
Joined
·
148 Posts
Discussion Starter · #3 ·
Do I need to have a gateway PC set up or something? The only NIC I can see is my own, and I'm positive my PC is not the compromised one :p

Also, how can I filter by SMTP?

Thank you :)
 

·
Registered
Joined
·
148 Posts
Discussion Starter · #4 ·
Figured out how to filter by SMTP... that was an easy one :p

Though I can still only see connnections from my NIC.

Anyone know a guide on how to install a Gateway PC? If that is infact what I need?

I dont know how I could configure it to collect and capture from ALL my networks interfaces
 
1 - 4 of 4 Posts
Status
Not open for further replies.
Top