On Sat, 2007-04-07 at 15:33 -0700, Kamaraju Kusumanchi wrote: > Hi all > > I am using Debian Etch (currently testing). Today from the abuse > department of my ISP, I received the following warning (pasted in the > end). My ISP has suspended my internet connection due to this. > However, I am not able to track down the cause of the problem. I am > wondering if anyone could help me out or tell me a better place to > contact... > > I have used kopete sometime back to contact debian IRC channels. > Other than that I have never heard of this undernet.org. I also cannot > imagine a debian machine (especially with etch being so near to > becoming stable) being compromised as a zombie. > > Here is what I have done so far > 1) I have looked in various log files but could not find any > suspicious activity. > > 2) I tried to register at http://forum.undernet.org but their system > is not allowing me register my account. > > 3) I was not able to contact the original sender of the abuse report > as there is no from address in the report forwarded to me. My ISP's > abuse department is closed for the weekend and I am trying to resolve > this issue before approaching them on Monday. > > Any ideas on how to determine+eliminate the root cause of this > problem? Has anyone faced a similar problem before on Debian machines?
Do you run any proxy servers? That is the big thing they scan for. -- greg, [EMAIL PROTECTED] Novell's Directory Services is a competitive product to Microsoft's Active Directory in much the same way that the Saturn V is a competitive product to those dinky little model rockets that kids light off down at the playfield. -- Thane Walkup -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
