lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun Jun 18 16:54:53 2006 From: davek_throwaway at hotmail.com (Dave "No, not that one" Korn) Subject: Re: Forensics help - Outgoing email castellan2004-fd@...oo.com wrote: > Recently, I was introduced to the torrent network > (primarily because I wanted to download some Linux > distros). My curiosity made me download other audio > torrents to see the efficiency of the torrent network. > One thing I have noticed on my system is that there > is an email being sent out periodically to some system > (247.16.delicado.com.uy). When the email is being > sent out, the AVG Anti Virus is scanning the email, > which > is how I found out about the delicado.com.uy system. > I do not know what is being sent out. Can the torrent > files compromise security on your system? Has my > system been compromised and become part of a bot > network? How do I find out what is causing this email > to go out? How do I fix this problem? One possible explanation is that one of the music files you downloaded wasn't actually an mp3 but a virus-infected exe, with a name like 'foo.mp3.exe' or 'foo.mp3 .exe' that can easily slip past your notice if you aren't paying full attention. I suggest you run a full scan with AVG, and perhaps try out one or two of the on-line virus scanners as well. On the other hand, some versions of the torrent software are known to have been bundled with ad/spyware, so perhaps you should run AdAware or SpyBot S'n'D as well? cheers, DaveK -- Can't think of a witty .sigline today....
Powered by blists - more mailing lists