vaida bogdan wrote:
GW1 is a linux system.
Then netstat does work fine.
thanks for the info, any other ideeas ?
I usually filter out the outgoing traffic from the infected machine, that way your mail server doesn't get swamped and you don't have to go tell the infected machine user to turn it off (but your LAN is vulnerable if the virus uses other ways to propagate, so that machine has to be cleaned as soon as possible).
I don't have an automated detector installed but there are probably some, and that would be useful also (from a LAN admin's viewpont). Something like the automated log checking done by several packages, for instance Nagios or LogSurfer+.
Regards. -- René Berber
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
