low security, spam/bot/trojan?


Jun 24, 2011
Hello im new in the forum, try to find help about my case;
in our server we have near of 300 domains configured and recently have to many times blacklisted
abuseat.org describe this as a kind of trojan spam mailer infection...

here describe a simple way to dettect /http://cbl.abuseat.org/sshvuln.html
# locate libkeyutils.so
today we install CSFirewall to prohibits _any_ connections to IP address or
try to find an other user sending using
sudo lsof -i | grep smtp
and nothing

whm version 11.30.5

scaning trojan horses we get a long list.. and do not can distinct wich is realy a trojan

can anyone help?