looking for a spammer/virii/malware .... on my system

alexus alexus at gmail.com
Thu Aug 18 16:36:29 UTC 2011


su-3.2# tcpdump -nnAvvvw webmail.west.cox.net 'dst host and
(dst port 80 or 443)'
tcpdump: listening on bce0, link-type EN10MB (Ethernet), capture size 96 bytes
Got 0

let's see what I capture...

On Mon, Aug 15, 2011 at 6:19 PM, Paul Schmehl <pschmehl_lists at tx.rr.com> wrote:
> --On August 15, 2011 2:04:27 PM -0400 alexus <alexus at gmail.com> wrote:
>> I'm personally leaning towards that these headers are being modified and
>> that there is no spam leaving my box (I may be wrong of course)
>> here is what I did to come up with that thought....
>> I sent myself an email
> The tcpdump command that Chuck gave you is all you need.  *If* all traffic
> exits your network through your box, you will see anything going to port 25
> *anywhere*.  That should tell you quickly what the problem is, if there is
> one.
> --
> Paul Schmehl, Senior Infosec Analyst
> As if it wasn't already obvious, my opinions
> are my own and not those of my employer.
> *******************************************
> "It is as useless to argue with those who have
> renounced the use of reason as to administer
> medication to the dead." Thomas Jefferson
> "There are some ideas so wrong that only a very
> intelligent person could believe in them." George Orwell
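
The port 25 check described in the quoted reply, as an added example that is not part of the original thread: it tallies new outbound SMTP connections per source address from saved `tcpdump -nn` text output. The sample lines, the addresses and the `limit` threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `tcpdump -nn 'tcp dst port 25'` text output (not from the thread).
SAMPLE = """\
16:40:01.000101 IP 192.0.2.10.50112 > 198.51.100.25.25: Flags [S], seq 1000, win 65535, length 0
16:40:01.020450 IP 192.0.2.10.50112 > 198.51.100.25.25: Flags [.], ack 1, win 65535, length 0
16:40:01.150000 IP 192.0.2.10.50112 > 198.51.100.25.25: Flags [P.], seq 1:24, ack 90, win 65535, length 23
16:40:02.300000 IP 192.0.2.44.1051 > 203.0.113.7.25: Flags [S], seq 2000, win 8192, length 0
16:40:02.310000 IP 192.0.2.44.1052 > 203.0.113.8.25: Flags [S], seq 2100, win 8192, length 0
16:40:02.320000 IP 192.0.2.44.1053 > 203.0.113.9.25: Flags [S], seq 2200, win 8192, length 0
16:40:05.320000 IP 192.0.2.44.1053 > 203.0.113.9.25: Flags [S], seq 2200, win 8192, length 0
16:40:05.400000 IP 192.0.2.44.1054 > 198.51.100.60.25: Flags [S], seq 2300, win 8192, length 0
"""

# tcpdump -nn prints "time IP src.sport > dst.dport: Flags [..]" for IPv4 TCP.
LINE = re.compile(
    r"^\S+ IP (?P<src>\d+(?:\.\d+){3})\.\d+ > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]*)\]"
)

def smtp_attempts(text):
    """Tally new connections to port 25 per source address.

    Only a bare SYN ("S") is counted, so the ACK and data packets of one
    session do not inflate the numbers; a retransmitted SYN does count.
    """
    report = defaultdict(lambda: {"attempts": 0, "destinations": set()})
    for line in text.splitlines():
        m = LINE.match(line)
        if not m or m["dport"] != "25" or m["flags"] != "S":
            continue
        entry = report[m["src"]]
        entry["attempts"] += 1
        entry["destinations"].add(m["dst"])
    return dict(report)

def many_destinations(report, limit=2):
    """Sources that opened SMTP to more than `limit` distinct hosts (assumed threshold)."""
    return sorted(s for s, e in report.items() if len(e["destinations"]) > limit)

if __name__ == "__main__":
    rep = smtp_attempts(SAMPLE)
    for src, e in sorted(rep.items()):
        print(src, e["attempts"], "SYNs to", len(e["destinations"]), "hosts")
    print("review first:", many_destinations(rep))
```

A source that is not the mail server yet opens SMTP sessions to many unrelated hosts is the one to inspect first.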


More information about the freebsd-questions mailing list