Over on SDLU, I was told the empty "rhost=" looks like there is a Trojan using a
socket on my email host. I knew nothing about sockets -- not much more now. Can
anyone tell me how to find it and squash it?
I've never seen anything like this. It's not happening very fast, and I've made
sure the usernames and passwords are good, so statistically, it's going to take
quite a while to get in. But it might get lucky, so I'd like to deal with it.
I've looked with netstat, and I don't see anything suspicious. It occurs to me that it
might be a program that runs every so often, and very quickly, so it doesn't show up
in random "ps" or "top" checks.
The only thing I can think of to do is reinstall. I know that's sometimes the correct
thing to do, but that's so Windows :-) Any advice will be greatly appreciated...
BTW, Please feel free to reply to me personally; my Postfix configuration sometimes considers
bendel.debian.org to be a spammer (it doesn't find a domain for the IP).
Oh. And I'm still on lenny, so reinstalling doesn't seem like too bad an idea...
hand-wrapped from my Apple Mail
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact email@example.com