One of our support technician's machines is attempting to connect to
random IP addresses on port 25 - in a pretty needy fashion. He says
he's scanned the box with the latest updates from McAffee and it
hasn't found anything.

We discovered it because one of my basic (meaning I got it off the
'Net) rules for SEC flagged it as a possible PHEL trojan.

Any thoughts?
firewall-wizards mailing list