Register now or log in to join your professional community.
A shared hosting webserver SMTP is used for SPAM, how can I search for SPAM source file in the server, say what are all the places these malicious files can reside and how to find and block them ?
Hello, at first of all install tcptrack. after run tcptrack -i "ethernet interface" . you will see all traffic. after you should find port25,993,587 and monitor it for IP address. tcptrack -i "ethernet interface" src or dst "IP Address". when you find IP you can block it , if it is remote address. If you are sending
then you need sockstats to find which user is using that port, ps -auxw to see that user and fsatats which user use files. after you go there and disable that scripts.