Our sonicwall and their techs have detected a dns rebind attack originating from our smartermail server running 2008. Since the alerts stop when I shut off this server they are correct. Research tell me about the problem but not have to detect or remove it from server.
Does anyone know how to detect or better yet remove the code cause this?
Edited by hamluis, 12 September 2012 - 05:16 PM.
Moved from NT to Am I Infected - Hamluis.