Langdon Green skrev: > Hi guys, I am having a bit of trouble with some dodgy emails getting > sent to my friend...they are strange, not just normal spam, the emails > have information that is from my company web site (hosted off > site) Anyway, the header of the emails has this line: Received: from > Wzk ([MYIP]) by out.somewhere.net Does this indicate a computer on my > network has be hacked, and is emailing this? I am running a debian > router with an ipchains firewall, on a small masqueraded home network, > with a debian file server running samba. I have had a look on the > router for anything suspicious, but there is just too many things it > could be. I am in the process of making a new router that will have > IDS installed (I know I know, but I was in a rush:) Any > Ideas? Langdon
Without having the opportunity to look at a complete message with full headers, I can't say for sure. It spells virus to me if you have something attached to the mesage as well. If someone on the inside of your network are using MS products and doesn't have functional virus protection, updated of course, then it's very likely they will catch eMailviruses. The security guy at our place put it. "Not having an updated virus protection on a Windoze box today, is like trying to cure human flue by eating popcorn." Regards /Karl -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
