Question

Asked:
Asked By:

Aug 6 2008 2:47 PM GMT
Littlejuanito7

200 pts.

How to find and remove bots from your network

Symantec, TrendMicro, Bots, Spam, malware

We have noticed several users receiving undeliverable messages in their Inbox. Unfortunately, they did not send out these emails and considering that they are receiving quite a bit of these messages, it has led me to the conclusion we have been hit and infected with a bot. We are running Exchange 03 and PCs with XP SP2/SP3. Our Symantec and Trend Micro were not able to find and remove. Anyone have a method they have tried successfully to find and remove a bot from a network. Thanks in advance for the help.

Subscribe to Alerts! Get questions and answers delivered to your Inbox.

Help

Answer Wiki (Improve, edit or add to this answer)

IMPROVE THIS ANSWER

View History

RATE THIS ANSWER

+2
Click to Vote:

Last Answered: Aug 6 2008 3:28 PM GMT by Labnuke99

21120 pts.

I do not suspect a bot. Instead I suspect that these users are receiving messages due to backscatter. Take a look at this similar question by another member.

Question 1

See this detailed information about backscatter.

Another source would be the Wikipedia article.

You don't really need to spend a lot of time looking for a bot issue as this is a "feature" of how SMTP e-mail works.

Browse more Questions and Answers on Security and Exchange.

Looking for relevant Security Whitepapers? Visit the SearchSecurity.com Research Library.

RSS - Discussions Help

Discuss This Answer

You must be logged-in to discuss a question. Log-in/Register

Question

How to find and remove bots from your network

Subscribe to Alerts! Get questions and answers delivered to your Inbox.

Answer Wiki (Improve, edit or add to this answer)

Discuss This Answer

Ask a Question

Browse IT Answers by Topic