I thought I would post this here... but I'll probably post it everywhere I can.
I've run JanaServer2 for years, as a way to limit my kids' web traffic. I run the server on an XP virtual machine. Other than the fact that it's obviously sending out thousands of spam messages a day, it's been great.
I'm not sure for how long this has been going on, but my dad got a rejection notice today when writing his work. I looked at the NDR and it showed listed on Spamhaus. I checked Spamhaus and found it listed due to being on CBL. CBL showed it as "unidentified" spambot traffic. So I had to dig in deeper.
I ran TCPView on each system until I found janad.exe pumping out spam on the proxy server I set up for the kids. I killed the service and immediately the connections started dropping off.
I need to do some research and determine whether or not it was spyware-filled freeware, or somehow was subverted by a trojan/virus. I'm leaning towards the former, since that particular machine runs nothing besides a pared-down XP install, and the JanaServer software. I don't even browse the web through it.
I am so pissed off right now... I've been running this program for years now. Can anyone recommend other spam blacklists I can check my IP against?