Solved

how to find the trojan or botnet

Posted on 2013-06-20
2
1,145 Views
Last Modified: 2013-06-20
Hi Experts,

I have seen our IP address is listed at CBL and we cannot send emails with our domain.
Do you know a way how to repair this and find the trojan or bot net ?

 This was detected by a TCP/IP connection from 85.125.249.50 on port 50429 going to IP address 82.165.37.26 (the sinkhole) on port 80.

The botnet command and control domain for this connection was "uwet35fsd.in".
0
Comment
Question by:Eprs_Admin
2 Comments
 
LVL 22

Accepted Solution

by:
David Atkin earned 500 total points
ID: 39261734
How  many PC's do you have?

Check your router/firewall to see if you can see what internal IP addresses are connecting to the external address.

Check to see what PC's are sending emails by looking at the firewall connections or by doing a netstat -a on the PC's (look for lots of port 25 connections)

Make sure your server is not an internal relay by using the mxtoolbox.com SMTP test.
0
 

Author Comment

by:Eprs_Admin
ID: 39262498
thanks a lot.
the tool is very helpful.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now