strange windows behaviour.

[Peter Moody <peter () ucsc edu>]

Hello all,

I've got a bit of a problem, and I was wondering if anyone on this list
has seen similar things.  Recently, we've been having student windows
machines on our residential network begin spewing large, massive (on the
order of hundreds of thousands in a few hours) spam messages at our mail
servers.  We promptly disconnect the machines and head down to do some
forensic work on the boxes when we get a chance (usually after they call
to complain that the internet has died).

I've been trying to find information on this, but the most I've been
able to come up with is an advisory from symantec's threat management
system saying Mprox (some sort of MS proxy) is to blame.  None of the
machines I've gone and examined have had this program running or on the
system anywhere for that matter.

Has anyone else had similar problems of late?  This all started for us
about a week ago and it's showing no signs of going away any time soon.

Thanks.

-Peter

-- 
Peter Moody                             <peter () ucsc edu>
Information Security Administrator      831/459.5409
Communications and Technology Services. http://mustard.ucsc.edu/pubkey
UC, Santa Cruz.
:wq

Attachment: signature.asc
Description: This is a digitally signed message part