Quoting Minh Van Le <[EMAIL PROTECTED]>: If your machine has a bot on it, this bot could be joining a set irc channel/network... in this channel it sits with all the other machines that have the same prog/bot installed... and then when the owner of these said bots wishes to DoS someone, they issue a command and then the entire bots on the channel then do the DoS from the hosts they are running on, to the machine the owner requests.
So I'd be looking into what stuff is on this machine and shouldn't be. Your machine sounds like it has had hack and the attacker has installed something they shouldn't have. Disconnect it, and rebuild just to be safe. If not, get someone to have a look. Having had experience with these types of botnets, I'd be happy to have a ssh in and look around. Just email me, I should be around later tonight. Cheers -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
