Full Disclosure mailing list archives
Re: Forensics help - Outgoing email
From: "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail com>
Date: Sun, 18 Jun 2006 16:54:32 +0100
castellan2004-fd () yahoo com wrote:
Recently, I was introduced to the torrent network (primarily because I wanted to download some Linux distros). My curiosity made me download other audio torrents to see the efficiency of the torrent network. One thing I have noticed on my system is that there is an email being sent out periodically to some system (247.16.delicado.com.uy). When the email is being sent out, the AVG Anti Virus is scanning the email, which is how I found out about the delicado.com.uy system. I do not know what is being sent out. Can the torrent files compromise security on your system? Has my system been compromised and become part of a bot network? How do I find out what is causing this email to go out? How do I fix this problem?
One possible explanation is that one of the music files you downloaded wasn't actually an mp3 but a virus-infected exe, with a name like 'foo.mp3.exe' or 'foo.mp3 .exe' that can easily slip past your notice if you aren't paying full attention. I suggest you run a full scan with AVG, and perhaps try out one or two of the on-line virus scanners as well.

On the other hand, some versions of the torrent software are known to have been bundled with ad/spyware, so perhaps you should run AdAware or SpyBot S'n'D as well?

cheers,
DaveK
--
Can't think of a witty .sigline today....

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
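A defender-side check for the disguised-executable names mentioned in the reply above ('foo.mp3.exe', 'foo.mp3 .exe'), added here as an example and not part of the original post. The extension lists, function names and sample file names are assumptions chosen for illustration; the check also flags a media-named file whose first bytes are the `MZ` header of a Windows executable.

```python
import re
from pathlib import Path

# Assumed lists for illustration; extend to match what your users download.
MEDIA_EXTS = {"mp3", "wav", "ogg", "wma", "avi", "mpg", "jpg", "txt", "pdf"}
EXEC_EXTS = {"exe", "scr", "pif", "com", "bat", "cmd"}


def classify(name: str, head: bytes = b"") -> list[str]:
    """Return the reasons a file looks like an executable posing as media.

    name -- file name only (no directory part)
    head -- first bytes of the file, if available
    """
    reasons = []
    # Strip each dot-separated part so 'mp3 ' (space-padded) still matches.
    parts = [p.strip().lower() for p in name.split(".")]
    final = parts[-1] if len(parts) > 1 else ""

    # 'foo.mp3.exe': a media extension hidden in front of an executable one.
    if final in EXEC_EXTS and any(p in MEDIA_EXTS for p in parts[1:-1]):
        reasons.append("double-extension")
    # 'foo.mp3 .exe': whitespace pushes the real extension out of view.
    if re.search(r"\s\.[^.]*$", name):
        reasons.append("whitespace-padding")
    # 'track.mp3' whose content starts with the DOS/PE 'MZ' magic.
    if final in MEDIA_EXTS and head.startswith(b"MZ"):
        reasons.append("mz-header")
    return reasons


def scan_dir(root: str) -> dict[str, list[str]]:
    """Walk a download directory and return {file name: reasons} for hits."""
    hits = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            with path.open("rb") as fh:
                head = fh.read(2)
            reasons = classify(path.name, head)
            if reasons:
                hits[path.name] = reasons
    return hits


if __name__ == "__main__":
    # Constructed sample names, not taken from the thread's system.
    for sample in ("foo.mp3.exe", "foo.mp3 .exe", "distro.iso", "song.mp3"):
        print(f"{sample!r}: {classify(sample) or 'ok'}")
```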
Current thread:
- Forensics help - Outgoing email castellan2004-fd (Jun 17)
- Re: Forensics help - Outgoing email Dave "No, not that one" Korn (Jun 18)
- Re: Re: Forensics help - Outgoing email Cardoso (Jun 18)
- Re: Forensics help - Outgoing email Dave "No, not that one" Korn (Jun 18)