my ISP says I could be a spammer...
 

:(

My ISP provider has blocked me from using port 25 and sent me an email that indicated that a spam virus is sending email from my (machine, IP, Modem? I'm not sure).

90 percent of the time I'm using my MacBook online. But lately, I've been connecting a few times to the internet using my Windows machines. When I do, I go straight through the modem, no firewall other than what's on the Windows OS. When I use my mac, I'm working behind Airport, which functions as a form of firewall(? right ? )

So my question is, how can I determine which machine has the virus? And what does anyone suggest if it turns out to be my Mac?

You're kidding, right?

Download some AV software for the PC and if it doesn't find anything, get better AV software for the PC.

You could have the contracted the first known OS X virus in the wild, but I highly doubt it. Given that there are no known viruses for OS X, I would virtually guarantee that the virus (if there is in fact one) is on one of your Windows machines.

The simplest way to determine which (if any) of your Windows machines has a virus is to run a virus scan on each one. It's a brute force method, but if you aren't already using a virus scanner on your Windows boxes, it's one that is highly recommended. Also, I would recommend that you move your Windows boxes behind a router rather than connecting directly to your ISPs line.

Run some AV software. If you have Windows machines and aren't doing this already, start now.

If no viruses are found, maybe someone who's infected with one is using your wireless network. It's possible, anyway.

I know, I know... Point taken :)

Yeah I should use an external firewall for the windows machines, but I don't have one. Ironically I didn't want them connecting to my airport for this reason, because it has been a long time since I've cleaned them, and I don't trust them to connect them to the airport. Fool that I am.

Yes I'll need to do some security administration for the PC's for sure.

In the meantime I downloaded an upgrade of Little Snitch, very cool, just to be sure.

Interesting idea about others using my wireless network. I'll consider that.


And thanks for everybody's ideas. I feel better that it's probably not my mac... :o

My daughter downloaded some music from myspace which happened to have a goodie hidden inside. The windows machine she was on became slower and slower as it processed more and more spam, but I was unaware at the time. Then I found my IP address on a blacklist as a spammer, did some homework and found that the XP box had been compromised.

That was the last time that windows machine was plugged into my network. It's now a linux box and the wife & kids are using the macbook exclusively.

For a free anti-virus for Windows, I recommend the free version of AVG, available here:
http://free.avg.com/

Be sure to update everything and do a full system scan.

Yes, AVG is pretty good, but I am strating to lean towards AVAST now though. AVG had a few glitches with their free version a few weeks ago that took down a win2k box I have at home. It kept erroring out with a "cannot find file" type error. The problem was, it had 6 updates to do that night, it was off for a few days, so it had not updated recently. Update 2 was a file they had removed for other reasons from their server. AVG had no way of handling this error, so you had to go find the file, download it manually, then install it manually. THEN you could do the updates. It was a PITA, and I would imagine any non tech savy people would have just said "forget it".

Also, since they have not been scanned recently, go get Malwarebytes. Use the free scanning, by downloading installing, and just running. It has never nagged me to buy it on any machine I have installed it on, ~30 so far.

Then get spybot and run teatimer and the immunization etc on the machines.

That will pretty much get them clean, and with AVG or another AV software, you should stay clean enough.

Oh ya, and stop running your windows boxes without a firewall or protection! :)

What's your reasoning for not connecting them to the Airport? They can't infect your Mac or the Airport, and they can only stand to benefit from the added protection of being behind a router!

I would like to note that Macs are only as secure as their administrators configure them to be. I am an Information Systems Security major and believe me, there are plenty of vulnerable mac systems out there. The core of OS X is Darwin,... and it doesn't take a whole lot to set up an email relay in Darwin (ie; no virus necessary). Macs are increasingly becoming targets for botnets as well as low-and-behold its actually pretty simple to make a BSD based machine interface with IRC as well.
With Apple's popularity explosion and the influx of inexperienced Mac users coming with it,... you don't even have to run exploits to compromise macs anymore. A malicious person could gain control of dozens of macs in a single night simply by searching the internet for systems with port 548 or 5900 open (Apple file and screen sharing respectively). A lot of those sytems will have a single administrator account with a null password allowing anyone who comes along full access.

:rolleyes:

New Mac virus sent via email:

:D

Oh boy... Here it goes again...

We all know any OS is only secure as the user makes it. The OS can't compensate for the user's stupidity.

Quoted for truth!

Thanks to everyone for your responses and helpful advice. I've finally managed to get my Windows workstation machine cleaned up. Did a full disk wipe and reinstall (not to be paranoid, but it's just a feel good thing to do every four or five years, just back up files and start over - new system).

So now I'm ready and happy to connect to the airport with the machine. Question - should I use another software firewall, like Zone Alarm, with the PC or just rely on the Windows XP firewall when I'm behind the Airport? What would you do? Note - I hardly ever connect to the internet with this machine - I'm usually on my MacBook or iMac. But when I do use it, I may be on for like 30 minutes at a stretch and I have a cable modem on the other side of the Airport. But still maybe the XP firewall is enough as long as I have some anti-virus program installed, like the ones you mentioned.

I only ask because I'm noticing that the newer version of Zone Alarm is a bit confused by the Airport so far. The older version, like 2003 version that I had around, works with the Airport without issue. But the new version is going to need some set up. Although the new version is Zone Alarm Suite and it comes bundled with anti-virus software. Does anyone have any knowledge or experience with it? Or like I say, I could just keep it simple and use the free AVG or AVAST or some other

And I was able to use the airport without installing the Airport software for Windows. Should I install that software from Apple anyway? Of course I use the airport utility program on my Mac with the Airport.... But what does it do? Do I need it for Windows?

Thanks again for any thoughts.

Ditch Windows and install a *nix OS (e.g. Linux, Solaris, *BSD) on the machine.

Hey, you asked! :D

What I do is I only turn on my PC (I won it. I would never pay for one!) when I absolutely must, and then I only use it behind a router, never check email or do anything that might require a secure system. I don't bother with AV or updates, because I just don't care what happens to the PC. I don't have to worry because there is no important data on the PC and there will not be in the future.

I don't mind that you suggest it. I had Red Hat on the other physical drive and will reinstall that as well at some point. But I need Windows for the Internet Explorer browser...

Although at some point I'll start a new thread and try to get Parallel working on my MacBook. That would help me run Windows on my intel MacBook and iMac's right? Isn't Parallel like VMWare? That would solve pretty much everything I think.

That's a great idea. I like your attitude about it. Maybe that's the way to go with this. Because really, most of my data, and email and so forth are on the macs. I just need to run a few things through the browser from time to time.

Hey, it's funny to see both of you here, J Christopher and cwtnospam. I just burned a half hour to an hour in The Coat Room reading the threads about the economy. Puts my PC firewall issues into serious perspective. :(

Heh, I blame Windows on large corporations too!