Just because you get notices from daemon because an e-mail bounced does
not necessarily mean that the machine has been compromised. A lot of
the time this is caused by spammers or viruses that spoof the from or
reply-to e-mail address.
Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking
halln@xxxxxxx
417-447-7535
Don Flinn wrote:
I suspect that an intruder may be using my node to send e-mail, because
I have received some notices from my e-mail daemon that such and such
was not available when I never sent e-mail to that person/address.
How do I check if someone is logged in/using my machine? I'm running
FC3.
Don