I have a CentOS machine running DHCP and NAT though gShield. I am getting reports from my ISP saying that machine is "infected" because it's trying to connect to known bot controller. There's quite a few Windows machines grabbing DHCP addresses from this server, what would be the easiest way to find out which machine is infected without walking to each machine and scanning it for viruses/spyware.
thanks for any help you can give me.. -- The information transmitted (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is intended only for the person(s) or entity/entities to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient(s) is prohibited. If you received this in error, please contact the sender and delete the material from any computer. _______________________________________________ CWE-LUG mailing list [email protected] http://www.cwelug.org/ http://www.cwelug.org/archives/ http://www.cwelug.org/mailinglist/
